www.pegamento.nl Open in urlscan Pro
2606:4700:20::681a:331 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW...
Effective URL:
https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uCl...
Submission: On September 07 via api (September 7th 2022, 8:23:22 am UTC) from US — Scanned from DE

Summary HTTP 279 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 34 domains to perform 279 HTTP transactions. The main IP is 2606:4700:20::681a:331, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pegamento.nl.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 1st 2022. Valid for: a year.

This is the only time www.pegamento.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1e69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2606:4700:20:... 2606:4700:20::681a:331	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:206... 2600:9000:206e:d600:7:afd2:7080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	80.94.91.28 80.94.91.28	213035 (AS-SERVER...) (AS-SERVERION Serverion B.V.)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
24	2606:4700:10:... 2606:4700:10::ac43:2a18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10e... 2a02:26f0:10e::6860:5baa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
53	99.86.240.126 99.86.240.126	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
62	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:f800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.148.34.38 54.148.34.38	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
279	45

2 2606:4700::6812:1e69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

d15lcw04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700:20::681a:331 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pegamento.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:d600:7:afd2:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.onlinesucces.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.94.91.28 (Amsterdam, Netherlands)

ASN213035 (AS-SERVERION Serverion B.V., NL)

connect.onlinesucces.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:10::ac43:2a18 (United States)

ASN13335 (CLOUDFLARENET, US)

donorbox.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e::6860:5baa (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 99.86.240.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-126.vie50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

code.getmdl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:f800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.34.38 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-34-38.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
116	stripe.com js.stripe.com — Cisco Umbrella Rank: 2812 q.stripe.com — Cisco Umbrella Rank: 23470 r.stripe.com — Cisco Umbrella Rank: 8845 m.stripe.com — Cisco Umbrella Rank: 2345	1 MB
33	pegamento.nl www.pegamento.nl	3 MB
24	donorbox.org donorbox.org — Cisco Umbrella Rank: 74413	1 MB
20	google.com www.google.com — Cisco Umbrella Rank: 19 pay.google.com — Cisco Umbrella Rank: 3842 play.google.com — Cisco Umbrella Rank: 76	397 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	1021 KB
8	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 15304	273 KB
8	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 5796 api.hubspot.com — Cisco Umbrella Rank: 7808 track.hubspot.com — Cisco Umbrella Rank: 4628 app.hubspot.com — Cisco Umbrella Rank: 9790	26 KB
5	paypal.com www.paypal.com — Cisco Umbrella Rank: 2465 t.paypal.com — Cisco Umbrella Rank: 3345	110 KB
5	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2261	42 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 894 www.linkedin.com — Cisco Umbrella Rank: 847 px4.ads.linkedin.com — Cisco Umbrella Rank: 6869	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	40 KB
4	onlinesucces.nl cdn.onlinesucces.nl connect.onlinesucces.nl	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	131 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1568	15 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	315 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 3015	16 KB
2	getmdl.io code.getmdl.io — Cisco Umbrella Rank: 74408	270 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3469	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 stats.g.doubleclick.net — Cisco Umbrella Rank: 188	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	145 KB
2	hubspotlinks.com 1 redirects d15lcw04.na1.hubspotlinks.com	3 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 8403	443 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 6412	836 B
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 9510	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4331	16 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 6219	3 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 8980	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 7816	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4364	20 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4638	1003 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1614	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	16 KB
0	Failed function sub() { [native code] }. Failed
279	34

	Domain	Requested by
53	js.stripe.com	donorbox.org js.stripe.com
45	r.stripe.com	js.stripe.com
33	www.pegamento.nl	d15lcw04.na1.hubspotlinks.com www.pegamento.nl static.cloudflareinsights.com
24	donorbox.org	www.pegamento.nl donorbox.org d15lcw04.na1.hubspotlinks.com static.cloudflareinsights.com
17	q.stripe.com	d15lcw04.na1.hubspotlinks.com
13	play.google.com	www.gstatic.com
11	www.gstatic.com	www.recaptcha.net www.google.com www.gstatic.com pay.google.com
8	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
5	www.recaptcha.net	donorbox.org www.gstatic.com www.recaptcha.net
4	pay.google.com	js.stripe.com pay.google.com d15lcw04.na1.hubspotlinks.com www.gstatic.com
4	fonts.googleapis.com	donorbox.org
4	www.paypal.com	donorbox.org www.paypal.com
3	connect.facebook.net	js.hsadspixel.net connect.facebook.net
3	www.google.com	www.pegamento.nl js.hsleadflows.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.gstatic.com
3	static.cloudflareinsights.com	www.pegamento.nl donorbox.org
2	www.facebook.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	code.getmdl.io	donorbox.org
2	track.hubspot.com
2	api.hubspot.com	js.usemessages.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	px.ads.linkedin.com	2 redirects
2	www.google.de	www.pegamento.nl
2	www.googletagmanager.com	d15lcw04.na1.hubspotlinks.com www.googletagmanager.com
2	connect.onlinesucces.nl	www.pegamento.nl
2	cdn.onlinesucces.nl	www.pegamento.nl
2	d15lcw04.na1.hubspotlinks.com	1 redirects
1	forms.hsforms.com
1	m.stripe.com	m.stripe.network
1	t.paypal.com	donorbox.org
1	api.hubapi.com	js.hsadspixel.net
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	px4.ads.linkedin.com	www.pegamento.nl
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	js.hs-scripts.com	www.pegamento.nl
1	region1.google-analytics.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
0	truncated Failed	donorbox.org
279	49

This site contains links to these domains. Also see Links.

Domain
digital-process-automation.cioapplicationseurope.com
www.facebook.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-01` - `2023-01-31`	a year	crt.sh
cdn.onlinesucces.nl Amazon	`2021-12-21` - `2023-01-19`	a year	crt.sh
connect.onlinesucces.nl R3	`2022-08-03` - `2022-11-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
code.getmdl.io GTS CA 1D4	`2022-08-20` - `2022-11-18`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-16` - `2022-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Frame ID: 90228824230FDC07ED215E51ADBE798E
Requests: 76 HTTP requests in this frame

Frame: https://donorbox.org/embed/bartimeus-fonds
Frame ID: E63A049C0E38EB54F3ED642ABB470674
Requests: 29 HTTP requests in this frame

Frame: data://truncated
Frame ID: 927952914613221EC2B63F748955642E
Requests: 1 HTTP requests in this frame

Frame: https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true
Frame ID: FDDA24EDE39B5159AB128DE921041539
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-32e959c98c4c0c17724528b7bd74ae2c.html
Frame ID: 16828516357F862BB5E537F56B6D9ACB
Requests: 4 HTTP requests in this frame

Frame: https://donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662537600
Frame ID: 31213AA42FC5446E08FCC1B93607D2C0
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
Frame ID: D6B919B064D692BD337E83442BFC88D6
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-a0bc3c7dd2bf09b84537a09f4c7f72c4.html
Frame ID: 96EC85895A3F5A441CC57FA87490D051
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-91fd7b8d44ea913b20487b9c26a59261.html
Frame ID: C567F457F5144573EC1EFCDBB2DF5678
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
Frame ID: 4C7E7294C910FA9EB02B13405EDE3B14
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
Frame ID: 166B1B8BE63BB1A8B54205AA8A0AB7E0
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
Frame ID: 0300CA8050F38AFB51B8F028F6837636
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
Frame ID: 0A91E338258A3C814EBB7407E5C8E771
Requests: 9 HTTP requests in this frame

Frame: https://donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662537600
Frame ID: FAA7C64145C2BC0EAFB709767D7CDA2D
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=2ujgown3fo8f
Frame ID: AD21E8864C2198A171E341F6F57D3169
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=tmi830owokr2
Frame ID: EF4BDC722A9B305928C9FE027D3AFEA0
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/9343506/threads/utk/eeada1ff17164ab7aee847a4a5a35b8a?uuid=6d02b0ffeeb9448a96f1a438071cef84&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pegamento.nl&inApp53=false&messagesUtk=eeada1ff17164ab7aee847a4a5a35b8a&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 665C15A35F2709562D81A7DF3D6968F0
Requests: 10 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0ACE608F0DFD07ED8272876428E37DEA
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 5D694192513DB3565C1E800FA269F6E8
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8B20FB29024D29D4745439EFE14AD9EC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html
Frame ID: FFCF0F6BBABABEFBB78CC56F2DBE2487
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bartiméus Fonds - Pegamento

Page URL History Show full URLs

https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV... Page URL
https://d15lcw04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW... HTTP 307
https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

279
Requests

99 %
HTTPS

82 %
IPv6

34
Domains

49
Subdomains

45
IPs

6
Countries

7913 kB
Transfer

19729 kB
Size

28
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://digital-process-automation.cioapplicationseurope.com/vendor/pegamento-implementing-versatility-in-automation-processes-cid-2105-mid-318.html
Title: <img class="tve_image wp-image-7365" alt="CIO Applications Award 2022" data-id="7365" width="200" data-init-width="535" height="192" data-init-height="513" title="Artikel ads campagne 4" loading="lazy" src="https://www.pegamento.nl/wp-content/uploads/2022/08/Artikel-ads-campagne-4.png" data-css="tve-u-182abd9a1ab" style="" data-width="200" data-height="192" data-link-wrap="true">

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PegamentoNL/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pegamento/

Search URL Search Domain Scan URL

URL: https://twitter.com/PegamentoNL/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1 Page URL
https://d15lcw04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1?_ud=324712eb-6d5c-42d1-85f0-f0347bc14059&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3056644&time=1662538997378&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3056644%26time%3D1662538997378%26url%3Dhttps%253A%252F%252Fwww.pegamento.nl%252Fbartimeus-fonds%252F%253Futm_campaign%253DPers%25252Fnieuws%2526utm_medium%253Demail%2526_hsmi%253D225236351%2526_hsenc%253Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%2526utm_content%253D225236351%2526utm_source%253Dhs_email%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3056644&time=1662538997378&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3056644&time=1662538997378&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&liSync=true&e_ipv6=AQIytR2n1Cjz8QAAAYMXC-CGGN-tTVyA8S7Ybd4J768G7RlHWLMDe6mN5gd_XwytIUHcze10O5ds

279 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4R...
d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/ 9 KB
3 KB 469ms
410ms Document
text/html 2606:4700::6812:1e69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 746e0a911e1bbb91-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 07 Sep 2022 08:23:15 GMT
referrer-policy: no-referrer
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: 036f2938-924a-4fd7-b159-18aa2c906097
x-robots-tag: none

GET
H2

200

Primary Request / Show response
www.pegamento.nl/bartimeus-fonds/
Redirect Chain

https://d15lcw04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1...
https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-a...

234 KB
47 KB

341ms
279ms

Document
text/html

2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Requested by: Host: d15lcw04.na1.hubspotlinks.com
URL: https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ab36282ec622a015d9a3b296cd2a8910463f537809d1cc9bec804394b5db88

Request headers

Referer: https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-edge-cache: cache,platform=wordpress
cf-ray: 746e0a955e37bbbb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 08:23:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0zt2pxgWezRUSO2bn2ofh8JaBgXZPJucacsAiHX0HqjW%2B%2B0yZe7GoHhboqUF2S6aBMKizrU6lflNUyOEghoV4ORRW3%2BUDPh47qsqerZkv03dURuGDGW8kMLrHIh5UTLtWu5p7gdl5Omrh7eK0Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 746e0a93ea85bb91-FRA
date: Wed, 07 Sep 2022 08:23:15 GMT
link: <https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email>; rel="canonical"
location: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
referrer-policy: no-referrer
server: cloudflare
x-hubspot-correlation-id: 3cfe85c5-0743-4454-867b-0ff12b811d6a
x-robots-tag: none

GET
H2 200 rocket-loader.min.js Show response
www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 22ms
20ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Sep 2022 17:28:02 GMT
server: cloudflare
etag: W/"63123d22-302c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXYlHGyTfSskc9JOViNDr8SC2339pAPCg%2Fs16LwLseYnI3tPbC8yLPe2L7aGq8KtGVxS4fN5OAyb2oza4XXVrDfg0rRvLT2ZNfewqE8XgTAbiqqMljwHTG45n%2BH0DQwTv4O%2Bj8kXLWXBOBlwU0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a97192abbbb-FRA
vary: Accept-Encoding
expires: Fri, 09 Sep 2022 08:23:16 GMT

GET
H2 200 tcb-base-css-890-1661771162.css
www.pegamento.nl/wp-content/uploads/thrive/ 19 KB
4 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/uploads/thrive/tcb-base-css-890-1661771162.css
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e0724aaeddd01df73399c5b8ed4f242b7e9097fc0cc614d09aecd862776661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 11:06:02 GMT
server: cloudflare
age: 356
cf-polished: origSize=19877
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSA6dwRX5DXXdGbnBGYAn36Vu6o8miyGNJmpmxm0SQAFOMjOmhe5Qd%2FlhZVfwnbXDR5tSIQrZy%2F3xlnf7xY8DpcE6ntnFrwlr2yeoc2GpVj0atGN4E9QgjY6THBI%2BRSd6hUv4ra500t5OrithBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a97192dbbbb-FRA
cf-bgj: minify

GET
H2 200 style.css
www.pegamento.nl/wp-content/uploads/maxmegamenu/ 62 KB
6 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/uploads/maxmegamenu/style.css?ver=190ae6
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cee816e05fe74101b3996fa55f60eb337c76c60c24bcd1667f60f8a219d92d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:07:11 GMT
server: cloudflare
age: 401
cf-polished: origSize=73091
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcKze9U2g8ghMOrPNaYf6TcG3hzdiJ3I6bgMnAaZuPGxUJeBaLATOdZHL%2FUmUU0U%2BhkZFlVBBPAQhmhAsrNpwOQjUUn43MTFDYBX575YB2EL9srVmC2Nkfyeo2KRG7iKUSWiMwM3YHjvvixbGio%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a97192ebbbb-FRA
cf-bgj: minify

GET
H2 200 dashicons.min.css
www.pegamento.nl/wp-includes/css/ 58 KB
35 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-includes/css/dashicons.min.css?ver=6.0.2
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:06:32 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4y6xrRgKS9oUIPiNxMB%2F6Za5nKQaTvDvuCchsldw0cL33ogynzBP3X0U2ZdLjVV%2BtidN0rARhjpISF16lpnHSRdoUIId%2Bq6ygRXiKWjDOxb1BKZFNS7%2F2wD7wUh2lqGIc5hv3NxUuT41NTDME4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a971930bbbb-FRA

GET
H2 200 style.css
www.pegamento.nl/wp-content/themes/thrive-theme/ 17 KB
4 KB 27ms
27ms Stylesheet
text/css 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/themes/thrive-theme/style.css?ver=3.10
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6576970f7ccdb903816119d6a5c9160f207325bec9d3023307dd6f4e6361734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Aug 2022 08:46:10 GMT
server: cloudflare
age: 401
cf-polished: origSize=18290
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUPSGZTPP7g6gBISir2R8wW9ocj%2BCLraCPc53z675jm46Ec1BkOYUgeq2ZE1aHBcZRC8xT2IPKlkCwfRkhYbmre4TAC2MgTjnDstnX%2BvkMqhayLc3nCnT6ObLAQGlLV71Dl3nznND%2FpMT6en1t0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a971931bbbb-FRA
cf-bgj: minify

GET
H2 200 logo-pega.webp
www.pegamento.nl/wp-content/uploads/2022/01/ 13 KB
14 KB 25ms
25ms Image
image/webp 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pegamento.nl/wp-content/uploads/2022/01/logo-pega.webp
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b2b3df0cdb9d07c450b124ef2604b8f2da51420e5d0ff3553050abe724865f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:14:32 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd8EWenBUA7Wpxu0ezPSjRD6KDlNGEfrfJBbXOp8bpZ1MENMOjEJFqbP92ZF%2BnXIMju%2FEczZoCE%2FmojcGeZxALJjUgt7WvdtEfr6Dr%2BAuQekI%2BvTV4ITNHENfQ%2Fe0J0JGaUIDn11bNjxnxPLeqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0a97598ebbbb-FRA
content-length: 13662

GET
H2 200 email-decode.min.js Show response
www.pegamento.nl/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
965 B 21ms
20ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pegamento.nl/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Sep 2022 17:28:02 GMT
server: cloudflare
etag: W/"63123d22-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBhDbD906iaocM7LGAYj4KBR2JSl2w8SwXLIKa3mhA7lvg9OtrE2p5uqIPdcc%2BhldDiyj94QIJeN7FF2VxwHVwcx%2Fu3HitBwlvIxcEUwUMprGHzmZWMB2WW1O%2FBaiUPwFjAMNosyFx%2BaeUOD8Ic%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a975980bbbb-FRA
vary: Accept-Encoding
expires: Fri, 09 Sep 2022 08:23:16 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 101ms
62ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.pegamento.nl/
Origin: https://www.pegamento.nl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 746e0a979e355ca4-FRA

GET
H2 200 jquery.min.js Show response
www.pegamento.nl/wp-includes/js/jquery/ 87 KB
32 KB 27ms
27ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:07:48 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aJLXl3Ak%2FImUq5NxHMuWRuqvToIiQaGNrFpvdbZcqJYz9NyAiZTdgf4NnxdwDJ2h82fAaCOpce8vVT%2FYMm2sAhQuhVYX88Mx8tzoUg3S%2Fi2xVhx%2BYI5sy9dtBfWgyQK5ylUTCegG417TJZsxFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a975996bbbb-FRA

GET
H2 200 jquery-migrate.min.js Show response
www.pegamento.nl/wp-includes/js/jquery/ 11 KB
4 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:07:47 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tXa0xv8FUb0MikutUBgtbuK1hFACSLryOTEYuTQHwanfxL8MeblPhsK07XM7zAdi0aKkUdModr%2FSCP%2FTwK51ZGw9kVtyzcffy%2FjsbZ4t7Q%2BquPxe%2Fo5j5sj1TBR0xxTQnXorpRDm0cXG3pdMpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9799f9bbbb-FRA

GET
H2 200 imagesloaded.min.js Show response
www.pegamento.nl/wp-includes/js/ 5 KB
2 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:06:38 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCH03nLrLpVqvEnotiZJny390d9aQYJZ6D0cqWIUF8t7Wup5vZf5ZK8j7sRNZvuX9uGXWq9ZsHwtasJIziWmqLI0xtVlAuv9syUYelVF2Wy6OER0aKamllKTIOHEc1CQEcRLclHIWiQYo9i9GoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9799fbbbbb-FRA

GET
H2 200 masonry.min.js Show response
www.pegamento.nl/wp-includes/js/ 24 KB
8 KB 26ms
26ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:06:38 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2n1HWU0RXULzv%2FyHfqDaSpMumYhcKhdeNROq11oUiUgA0bzZ21a9PHmOIZ0J5t3a5kvP29YHdRZwTQ7gEeoAsroKI8derhkUwJwcE5%2BfRE3CEZcRWjLSqReFrItK1Z21Mvn1VxllsJ84P5tHYaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9799fdbbbb-FRA

GET
H2 200 jquery.masonry.min.js Show response
www.pegamento.nl/wp-includes/js/jquery/ 2 KB
998 B 25ms
24ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:07:47 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSGXQ9kWPUGKgRGGxDrQgfcnEc4HkQ2Mz5la1Oc84UdiCog54CEXHpGLqTylSawzZUhCskd5yDt2SpJqXatXGFNCoKXValKwpy5Lf8xAtdaibX36SLvhIMxm%2BlC99j4EPn3OYzWFVQwQrDciOU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9799febbbb-FRA

GET
H2 200 general.min.js Show response
www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 68 KB
23 KB 27ms
27ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=3.12
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7ace042a58610df90fd0b5cdaabb5c97ab24fcc40494a81289250e55335af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 20:57:12 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DfRoYY73mNNxj3pu58j1X6RBaro0zTXj51nknBRZmh1hxHEuO2PPtr7hfJETN%2By1FNG9nxpaMY3sl4doe4%2F9IZNgL8ZhAQKpMz03IUXHhKBf4nEoQVHUMvFg%2Bmz%2BhNBofxFEsMpsgg4HQnsWOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a979a00bbbb-FRA

GET
H2 200 frontend.min.js Show response
www.pegamento.nl/wp-content/themes/thrive-theme/inc/assets/dist/ 27 KB
9 KB 26ms
26ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=3.10
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f618eb6286efd77c2eeb7f72f74829635555e38720c2d1fffbe2f20925252299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Aug 2022 08:46:05 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLBhuNERR6VENEFU%2Fo6bc4hr%2FYXER1DcCTkjczx6I%2B7gcKxChkvwcoY2mYEHiq3ThMArpnZzEyzP9aqeOKx6gcaVdzeDJktLii5PJEswDeQALj1kD98wqigEhou633RIXK0IKLESd2GMd%2BXyRHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a979a01bbbb-FRA

GET
H2 200 efc.js Show response
cdn.onlinesucces.nl/js/efc/ 3 KB
1 KB 427ms
30ms Script
application/javascript 2600:9000:206e:d600:7:afd2:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onlinesucces.nl/js/efc/efc.js
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:d600:7:afd2:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6067674fa9b4572cb9d0835c64d9fbf637ea3045b4864ef4a5ee8fc278f3999c

Request headers

Referer: https://www.pegamento.nl/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id: wsZufQL6kmf81jtIeUe76Mv.zIrdA6cG
content-encoding: gzip
etag: W/"cb39bbf355cd3d838d0880f1b16a8c9a"
last-modified: Tue, 21 Dec 2021 10:14:36 GMT
server: AmazonS3
age: 7343
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 51f7e70303bbb917096a71171b20326e.cloudfront.net (CloudFront)
cache-control: max-age=43200
date: Wed, 07 Sep 2022 06:20:54 GMT
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 8qRuq1d33LVvrC8fCcXE_v1nyAyQ2i3nQKF_u2wTy-57n1QOgprRTQ==

GET
H/1.1 200
OK /
connect.onlinesucces.nl/ 43 B
517 B 495ms
71ms Image
image/gif 80.94.91.28
AS-SERVERION Serv...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.onlinesucces.nl/?cookie=1&i=486c5102fbf8c4ff0c8fa4c0d1ff2fa5516716ad&ts=1662538996411&f=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&r=&t=Bartim%C3%A9us%20Fonds%20-%20Pegamento

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.94.91.28 Amsterdam, Netherlands, ASN213035 (AS-SERVERION Serverion B.V., NL),

Reverse DNS

Software

Apache /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 08:23:16 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: sameorigin
Content-Type: image/gif
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
73 KB 94ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TFJVFXT

Requested by

Host: d15lcw04.na1.hubspotlinks.com
URL: https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85d46d1a8ae8cc48bd65682aaf16b405019423260c5cf18fa415f4e631260b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73894
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Sep 2022 08:23:16 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame E63A 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame 9279 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: image/gif

GET
H2 200 header-foto.png
www.pegamento.nl/wp-content/uploads/2022/07/ 1 MB
1 MB 117ms
117ms Image
image/png 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pegamento.nl/wp-content/uploads/2022/07/header-foto.png
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c2368d85b0d08f0af8a017c057c5ef6a3c835c99e48b8a9e539f7be99506c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jul 2022 08:17:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFdVByszfmG4%2FAWs1RpKpj0sHMkv6gvIP3ught98j2C2EQgY2MTC0XiIHjILwW3Ioi3K8HVk5phj3yoi0%2FhndkUSHSQgJhoL8aQODRJvf5G30Gu9Q36Jh66qRHF29VmbtE1DVXaWNLoo%2Bxq5DiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0a9a7ee5bbbb-FRA
content-length: 1091134

GET
H2 200 VarelaRound-Regular.woff2
www.pegamento.nl/wp-content/uploads/2022/01/ 46 KB
46 KB 25ms
24ms Font
application/octet-stream 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/uploads/2022/01/VarelaRound-Regular.woff2
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63820a7a652f16a10151f42afc460489b6356e87323348b2d27534060430fc9f

Request headers

Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Origin: https://www.pegamento.nl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:14:40 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Op%2BWMEW2EdWTTOvH0cH2YDR%2BSaGh15TlM9C7F%2BYLsT%2F2sWxGpfZqSx%2BSutC%2FPaalwlKoqrN%2Fu3B%2BL5Vw0bHA9nhYQk250n%2BNiwYZO2mad3euYGXGsPwR4jlQjkKRZwJ%2BpsaKCnaKFt6tFFNHgaI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0a9a7eefbbbb-FRA
content-length: 47144

GET
H2 200 AnyConv.com__OpenSans-Regular.woff2
www.pegamento.nl/wp-content/uploads/2022/01/ 137 KB
138 KB 39ms
39ms Font
application/octet-stream 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff2
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fa7ec6c87f11b8fa1487e84723d86b2e84797661379884ad6c358f8c824ecbf

Request headers

Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Origin: https://www.pegamento.nl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:14:28 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQ7Q53W3aosL7E%2BO9whvKyjZQpAPQ%2BuCgFCMt3AJJ2kiudWDkRuPk3YxIPyQ4jh5xdtlyPSh%2BmqGBdAmFtjVI5iqfVDt2SyF5pri0Ox8PZiJSrfqsT1%2BgJHRdW8xrIP4KQ%2BqhuQrEOU2igzbbok%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0a9a7ef2bbbb-FRA
content-length: 140369

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.pegamento.nl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame FDDA 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: image/gif

GET
H2 200 widget.js Show response
donorbox.org/ 4 KB
2 KB 189ms
42ms Script
application/javascript 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donorbox.org/widget.js
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89830402b29eb63be8a18419c458f153d888f4938a4b6ff95a9ec190c61bfc2a

Request headers

Referer: https://www.pegamento.nl/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

cf-ray: 746e0a9b9f999b52-FRA
date: Wed, 07 Sep 2022 08:23:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 07:16:37 GMT
server: cloudflare
age: 57
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=120, max-age=0
content-encoding: gzip

GET
H2 200 PEG-header-food-1-scaled.jpg
www.pegamento.nl/wp-content/uploads/2021/01/ 287 KB
287 KB 26ms
25ms Image
image/jpeg 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pegamento.nl/wp-content/uploads/2021/01/PEG-header-food-1-scaled.jpg
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2282fda0bef9572effb5f14bcebb37829a405cf99e857534bf44a94d06e8d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:12:58 GMT
server: cloudflare
age: 355
cf-polished: origSize=327669, status=webp_bigger
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gRfa%2F%2FqYJtv%2BOkj3Q%2Fh3oYxSck8iqqJnTgiE43ycdW7gpRuqsx34thlpMTbNHS%2B3VyCXyVQW1HykyGEAhvFe1OETpbnQDu6XT7nh04fUl4P0tvapzJs8F%2B2P%2FXF1gWORi8wvl8eLcHJDnZn4bU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0a9abf8bbbbb-FRA
content-length: 293660
cf-bgj: imgq:100,h2pri

GET
H2 200 AnyConv.com__OpenSans-Regular.woff
www.pegamento.nl/wp-content/uploads/2022/01/ 78 KB
79 KB 25ms
24ms Font
application/x-font-woff 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 543ceb846af6fbfff9fc58f1e53994f3f191116c51ca95de3ce75d675c50ea66

Request headers

Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Origin: https://www.pegamento.nl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:16 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:14:28 GMT
server: cloudflare
age: 401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBivUSH%2BX7CWbuTKEsVYfTYUAQnofM9HxiHGhbrQkLM5gtnG6d4D9sx%2B5lIasHQFADQfNcvOQXru5KTxJkR66e8sBREyclLE%2FPxkX74HsEtSDYrJh6IuM5jsvZ5x5jj9v1oMQchI6Hb0wcVJ9m4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0a9ae80cbbbb-FRA
content-length: 80280

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
72 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RFFCWKQRHX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFJVFXT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7b06b3c13d68df5df7b2f13e9eaeab6c910b4a32cd3e3c21ba682ad42bc21b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73964
x-xss-protection: 0
expires: Wed, 07 Sep 2022 08:23:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFJVFXT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4877
date: Wed, 07 Sep 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 09:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 148ms
91ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFJVFXT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 08:23:17 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 378ms
56ms Script
application/x-javascript 2a02:26f0:10e::6860:5baa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFJVFXT
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5baa Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=82886
accept-ranges: bytes
content-length: 3063

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 264ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RFFCWKQRHX&gtm=2oe8v0&_p=120589274&cid=925176585.1662538997&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662538997&sct=1&seg=0&dl=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&dt=Bartim%C3%A9us%20Fonds%20-%20Pegamento&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RFFCWKQRHX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 08:23:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pegamento.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
27ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=120589274&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Bartim%C3%A9us%20Fonds%20-%20Pegamento&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1793664392&gjid=976038130&cid=925176585.1662538997&tid=UA-138328043-1&_gid=762472088.1662538997&_r=1&gtm=2wg8v0TFJVFXT&z=749691258

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pegamento.nl/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 08:23:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pegamento.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 maxmegamenu.js Show response
www.pegamento.nl/wp-content/plugins/megamenu/js/ 19 KB
4 KB 33ms
29ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.8
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c2d44d4ef3f14eefd935acbc3a3a1b8ee462693c9bbbd96eca177b95fd98032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:08:11 GMT
server: cloudflare
age: 402
cf-polished: origSize=30529
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Hw%2FCe6N83FY1ZMeSgaq0c6VYuDoAxw%2BpoXyrS%2FZfsmlKnDYLSVatrMNHm9NTcc5Tc5rMS%2FXO072dgEn9S7Cf8%2BBFscAe%2BuHYvt4cRkfbr7KnkvBPGbJ4z5OnIHAnQwa9ZWHu%2BNSsdRtrH%2F8%2Fp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a53bbbb-FRA
cf-bgj: minify

GET
H2 200 hoverIntent.min.js Show response
www.pegamento.nl/wp-includes/js/ 1 KB
1013 B 28ms
25ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Jul 2022 11:46:01 GMT
server: cloudflare
age: 402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsEkXx839POudaMCL9pxUDh1HXMmT0DEbSpwrRx51ARvJvDtnUmdsuIeHdz7eI%2BqvSi6YZAw3bdP7jx3RQe08Refu%2Bcx8uRgncXou8Q1PfTpI5GzuHW%2FZlHdjisCgNl0x4r0eF70la0FvmDVmwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a56bbbb-FRA

GET
H2 200 smush-lazy-load.min.js Show response
www.pegamento.nl/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 29ms
26ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.11.1
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:22:35 GMT
server: cloudflare
age: 402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWkpEQdSJswgtnYwxxWSUyJAKPFAFa5VllPoiuJkzlhmSdmtd2jTVbxxpR26%2FIZqpRMqH01Mlew%2F9USXQtuoJAUWkLN0CcdDQh7eZwZ1ADOHViK5rhSyuu0xcRQViVqFMf7TDFY2R0eAZMD15tw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a57bbbb-FRA

GET
H2 200 social-share.min.js Show response
www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 6 KB
3 KB 28ms
25ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=3.12&ver=3.12
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fee061e427ed1ebeb56c7e0d1ae9417b82924fa49389d39794d76033a3d39287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 20:57:12 GMT
server: cloudflare
age: 402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qp%2FWtOT3WxZcIzWrUipDhl8NlcP5Ed3LwgAJfoG4mRzQoNzkxtXg9s91e6caYOW1BQ54zAgpMAhcBc8MZMcquRrcxjnEFxTLkCe%2BJvawOSv0n3vs4xVx6xLGC2SfMtvpGr09EkTZxjrYteHazi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a59bbbb-FRA

GET
H2 200 divider.min.js Show response
www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 905 B
769 B 27ms
24ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/divider.min.js?v=3.12&ver=3.12
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 084923fa090cf4836b8300ff11b03022886ede9df52f76263f6254beebf5dcfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 20:57:12 GMT
server: cloudflare
age: 402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2X%2Bk97NyD5PG6wle0gUNdfNZ52ErnfcBWiz4q%2BKCcBeTQOX4PMMJcvfy%2BI0O%2BXnqPhFUwc1LArsSUfcSk9DX2ArxrR3km%2B1FpDCfhxa4r9wxghpYxqxi7XbfiRvnevFsZ6wVvdgfHtVjdXWOR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a5bbbbb-FRA

GET
H2 200 search-form.min.js Show response
www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 10 KB
3 KB 29ms
26ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/search-form.min.js?v=3.12&ver=3.12
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 399a58cb8e54552de5db05b0756f5896744d4d827c7dfdb7355ca2ad274f293b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 20:57:12 GMT
server: cloudflare
age: 402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAoDRtnB9qaOUFIfuU2PArYwKPSENsIx05WDrveQxfdT5Z%2Fo7yaFRSvPNeHjOY8VnNaUcTt0pDrEnFDspI%2F5IZ57xtLb24dXL3xHwcq78C41RPGlJuE21%2BcKuz8MufOMTvXJNb6oDQyXT09tHsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a5cbbbb-FRA

GET
H2 200 frontend.min.js Show response
www.pegamento.nl/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/ 3 KB
2 KB 30ms
27ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/frontend.min.js?ver=3.10
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446a1e15818ad492348384cfb62ee4c09674e5ffb8ec3296ef5170242bb24b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Aug 2022 08:46:10 GMT
server: cloudflare
age: 402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6fWUZ0cXqGn9VRGBHsXxHvuP5bbzPJSkagQa6N%2Ft6VTPlvm%2BfEZCzECzKlgAXQJs0BQ%2FK%2BnfOKW83A50BINtRp3qhh7rEHc%2FnTjFt13nZ6NkJmHImNT76ZGFgCa5jDtg1VajaxdRzIh5Uu0JgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a5fbbbb-FRA

GET
H2 200 video.min.js Show response
www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 15 KB
5 KB 30ms
28ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/video.min.js?v=3.12&ver=3.12
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0240d981db324a351db5606296ef89cbbfd58f80c7eab1cb9884e7b1fae337ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 20:57:12 GMT
server: cloudflare
age: 402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBocD5HtlpweQm4D2C7W2s6fRu9RVPbxTnDhvxCLzXy92ADkPCKYgu%2BZli4ldF72Rhx0wldgejDSXB1yGhvDKlz4SOXi4fHsrfNjxgibT%2Bs27hMsqFIYiE8p5arTmBSecrm43dBm%2FtfSuERUajs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a60bbbb-FRA

GET
H2 200 tabs.min.js Show response
www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 5 KB
2 KB 33ms
31ms Script
application/javascript 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/tabs.min.js?v=3.12&ver=3.12
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732cb2f43a282d343cefc0aa9ea7b80c1a7971f1e70c29ce94b483c1030b2d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Aug 2022 20:57:12 GMT
server: cloudflare
age: 73005
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tL%2BuCNkqIBdEqZZEdhQppbJ2KDW3g5y%2BKa%2FMGzF1vJe%2BqdgCci9wVfEh0sBWdKeispq2L%2BUazuScbXv0XfgSLpE1Uitf7bf4oiaoJDNqDtF5gfklYOXf484kppWuiDgGYj%2BVjV6hv2Iha8VTbPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746e0a9c3a61bbbb-FRA

GET
H2 200 efc.js Show response
cdn.onlinesucces.nl/js/efc/ 3 KB
1 KB 30ms
29ms Script
application/javascript 2600:9000:206e:d600:7:afd2:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onlinesucces.nl/js/efc/efc.js?ver=1.0
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:d600:7:afd2:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6067674fa9b4572cb9d0835c64d9fbf637ea3045b4864ef4a5ee8fc278f3999c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: wsZufQL6kmf81jtIeUe76Mv.zIrdA6cG
content-encoding: gzip
etag: W/"cb39bbf355cd3d838d0880f1b16a8c9a"
last-modified: Tue, 21 Dec 2021 10:14:36 GMT
server: AmazonS3
age: 7344
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 51f7e70303bbb917096a71171b20326e.cloudfront.net (CloudFront)
cache-control: max-age=43200
date: Wed, 07 Sep 2022 06:20:54 GMT
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: vk9tXp1fSQpgQ91caQWkp1Xb-7irPBBFNpmmQ-Wvf3EbSjdXUTvtdw==

GET
H2 200 9343506.js Show response
js.hs-scripts.com/ 3 KB
1003 B 319ms
141ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/9343506.js?integration=WordPress&ver=9.0.35
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89e371794fbc7b7f610cdeeb0a477df0dc29c62cd47d57a294a3f1971980a402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 07 Sep 2022 08:18:54 GMT
server: cloudflare
x-hubspot-correlation-id: 11381ef3-e488-4532-8b49-3feaba961ef5
x-trace: 2B43E42A285932BB338B904C37FBFE15661DCFB305000000000000000000
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.pegamento.nl
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 746e0a9d4b4e8fec-FRA
expires: Wed, 07 Sep 2022 08:24:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/752461251/ 3 KB
2 KB 204ms
37ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752461251/?random=1662538997150&cv=9&fst=1662538997150&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&tiba=Bartim%C3%A9us%20Fonds%20-%20Pegamento&auid=1932969929.1662538997&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10c13ec0c8fd86774c7ac8dece28cf17ecbe6b59febb16b204baf4d3ec66585e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 08:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1215
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 175ms
26ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-138328043-1&cid=925176585.1662538997&jid=1793664392&gjid=976038130&_gid=762472088.1662538997&_u=YADAAEAAAAAAAC~&z=1794814068

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pegamento.nl/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 07 Sep 2022 08:23:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.pegamento.nl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 91ms
44ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-138328043-1&cid=925176585.1662538997&jid=1793664392&_u=YADAAEAAAAAAAC~&z=483816088

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 08:23:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 91ms
44ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-138328043-1&cid=925176585.1662538997&jid=1793664392&_u=YADAAEAAAAAAAC~&z=483816088

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 08:23:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/752461251/ 42 B
548 B 76ms
33ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/752461251/?random=1662538997150&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&tiba=Bartim%C3%A9us%20Fonds%20-%20Pegamento&async=1&fmt=3&is_vtc=1&random=4231262791&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 08:23:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/752461251/ 42 B
548 B 77ms
34ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/752461251/?random=1662538997150&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&tiba=Bartim%C3%A9us%20Fonds%20-%20Pegamento&async=1&fmt=3&is_vtc=1&random=4231262791&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 08:23:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3056644&time=1662538997378&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3056644%26time%3D1662538997378%26url%3Dhttps%253A%252F%252Fwww.pegamento.nl%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3056644&time=1662538997378&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3056644&time=1662538997378&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%...

0
264 B

207ms
141ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3056644&time=1662538997378&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&liSync=true&e_ipv6=AQIytR2n1Cjz8QAAAYMXC-CGGN-tTVyA8S7Ybd4J768G7RlHWLMDe6mN5gd_XwytIUHcze10O5ds
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:17 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7180B6622B1143C18250787094FD3FA0 Ref B: VIEEDGE3014 Ref C: 2022-09-07T08:23:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXoEgZoAUyaAQbRy3f9vQ==
x-li-fabric: prod-lva1

Redirect headers

date: Wed, 07 Sep 2022 08:23:17 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 29C546127AD5410384B2B7293451587C Ref B: FRAEDGE1312 Ref C: 2022-09-07T08:23:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3056644&time=1662538997378&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&liSync=true&e_ipv6=AQIytR2n1Cjz8QAAAYMXC-CGGN-tTVyA8S7Ybd4J768G7RlHWLMDe6mN5gd_XwytIUHcze10O5ds
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXoEgZk1BOo2DFEhYw3fg==

GET truncated
/ Frame FDDA 0
0

GET
H/1.1 200
OK /
connect.onlinesucces.nl/ 43 B
516 B 62ms
62ms Image
image/gif 80.94.91.28
AS-SERVERION Serv...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.onlinesucces.nl/?i=486c5102fbf8c4ff0c8fa4c0d1ff2fa5516716ad&ts=1662538998165&f=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&r=&t=Bartim%C3%A9us%20Fonds%20-%20Pegamento

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.94.91.28 Amsterdam, Netherlands, ASN213035 (AS-SERVERION Serverion B.V., NL),

Reverse DNS

Software

Apache /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 08:23:18 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: sameorigin
Content-Type: image/gif
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 logo-pega.webp
www.pegamento.nl/wp-content/uploads/2022/01/ 13 KB
14 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pegamento.nl/wp-content/uploads/2022/01/logo-pega.webp
Requested by: Host: www.pegamento.nl
URL: https://www.pegamento.nl/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.11.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b2b3df0cdb9d07c450b124ef2604b8f2da51420e5d0ff3553050abe724865f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 08:14:32 GMT
server: cloudflare
age: 403
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kgwNjQo0dQifa2P2ZFiLas8xgC2SkL001p3Ucebv0%2FClcF9QRYwf56sRo6aEFGTuvsj09FyrVTGMp8FupFEzmgee5wLe5nLNXCgs4htu%2F9t%2BOjeaSmsLFCGkPjW9pebL%2BTRjsCcNMx9wgXenAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0aa2ac6dbbbb-FRA
content-length: 13662

GET bartimeus-fonds
donorbox.org/embed/ Frame E63A 0
0

GET
H2 200 9343506.js Show response
js.hs-analytics.net/analytics/1662538800000/ 63 KB
20 KB 98ms
53ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1662538800000/9343506.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9343506.js?integration=WordPress&ver=9.0.35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af68ebf6a7e9544b12f6134f6873e932aae8ab2528d8871d6145885485fcc032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 56
x-amz-server-side-encryption: AES256
x-amz-request-id: HPS3KD4DA6SJC6PF
x-amz-id-2: 2jNXwSSSZ0wantXCrYxTQNwvk+fcAU0qtYUL6JgOh20mfhwF6hYhgZQzKT+7jaIP+hg9DVRYYkI=
last-modified: Wed, 31 Aug 2022 13:05:54 GMT
server: cloudflare
etag: W/"2aa816fe6660357ffd3f482d3dd7c66e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 746e0aa2feb95b74-FRA
expires: Wed, 07 Sep 2022 08:27:22 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
88 KB 93ms
35ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9343506.js?integration=WordPress&ver=9.0.35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee

Request headers

Referer: https://www.pegamento.nl/
Origin: https://www.pegamento.nl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 558
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=746dfd060ba268e9-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 746e0aa30b81690d-FRA
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
server: cloudflare
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: T-RvOGrwvi99HtLlAeF0KPdiZHx9LtHAjDiZ64hcPz2dGbBfbw9RNw==
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 72 KB
25 KB 82ms
38ms Script
application/javascript 2606:4700::6811:80ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9343506.js?integration=WordPress&ver=9.0.35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088

Request headers

Referer: https://www.pegamento.nl/
Origin: https://www.pegamento.nl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 356
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=746e01f1889a91e4-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 746e0aa2fbcb9279-FRA
last-modified: Mon, 18 Jul 2022 02:17:32 UTC
server: cloudflare
etag: W/"877e5f54a66a69786dec54038d0864c4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: gdKWpz_yvObw8s97wY_QgOhrdmJzIElp
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: IzJrBD5kZxLdso1URDcYQpzuy7hDsExJTp0zUKjsdCSlV2TlmJBTiQ==
x-hs-target-asset: collected-forms-embed-js/static-1.285/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 81ms
37ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9343506.js?integration=WordPress&ver=9.0.35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e403a2b0fec3d21d154e033a7f3410b42318c2ffe673e77a25733cc226ce2db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 e418fd5667de46c635f0321ea814c2e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 155
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.291/bundles/pixels-release.js&cfRay=746e06d95eb9bb9d-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 29 Aug 2022 02:24:13 UTC
server: cloudflare
etag: W/"b87a46225f6f8c23b129956fa811f1ce"
vary: Accept-Encoding
x-amz-version-id: 7UJo2wwrqBK17_VnZoHwOb7a4zSK2Hcf
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 746e0aa2ffbabb9d-FRA
x-amz-cf-id: uwM84npejimuZ-gNP-bIjYgdDCAsM5a6lS_VyanTOgdQw6F-nIuU4Q==
x-hs-target-asset: adsscriptloaderstatic/static-1.291/bundles/pixels-release.js

GET
H2 200 9343506.js Show response
js.hs-banner.com/ 60 KB
16 KB 178ms
138ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/9343506.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9343506.js?integration=WordPress&ver=9.0.35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c5068a61a1da743ae6459cd247b2e228a23bd80999483e0f2fc9f72c11e8528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: XAHC83476011S8MH
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 5EdoS95cQfutW/CkG0zO1NsXs5WtMu4V3onPiJ4s2mEjj4QgsQW4gHbEhz5VT/p/YicLMDg0QDQ=
timing-allow-origin: *
last-modified: Tue, 30 Aug 2022 22:25:04 GMT
server: cloudflare
etag: W/"6d0cb487b6a67b33090169a6759e8470"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: Jyyi7nbqgJ0sfpRkWzIfQBPFWlhcPYQM
access-control-allow-origin: https://www.pegamento.nl
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 746e0aa2ed959124-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 07 Sep 2022 08:28:18 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 91ms
33ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9343506.js?integration=WordPress&ver=9.0.35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 260
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10632/bundles/project.js&cfRay=746e04494a00699b-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 22 Aug 2022 02:10:32 UTC
server: cloudflare
etag: W/"be054c0d1ce8e9f928e051e15475d755"
vary: Accept-Encoding
x-amz-version-id: 3C1npQH0ys7YIJipkKSW0mB3OJD1A1US
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 746e0aa30b82690d-FRA
x-amz-cf-id: mWYm5vtq4znfpO98JWRdfbhjetg4hbXPKllFcMwLZ-W2xafVvX780Q==
x-hs-target-asset: conversations-embed/static-1.10632/bundles/project.js

POST
H2 200 rum Show response
www.pegamento.nl/cdn-cgi/ 0
235 B 38ms
38ms XHR
text/plain 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pegamento.nl/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.pegamento.nl
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 746e0aa2cc9dbbbb-FRA
vary: Origin

GET
H2 200 logo-bartimeus.png
www.pegamento.nl/wp-content/uploads/2022/07/ 9 KB
10 KB 100ms
100ms Image
image/png 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pegamento.nl/wp-content/uploads/2022/07/logo-bartimeus.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb589a6f94e84785a635a878f08562c973eb46bc5b553d55acf0373c7363ff08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Jul 2022 13:02:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezATKGbIjY9Vh54GYH%2B8FVGZB3EXQJB43YsIXWT1KRy1Iva0C7YvPlZ%2F%2B7Adf3j0EcqufqDADbzRmr%2BAW0G%2B8SV%2BAUGP5ytJCdu7E1e884UXFchhUCbh8545v9qhkiq1tfCCsCw6SftpC4AE15c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0aa2dcc7bbbb-FRA
content-length: 9545

GET
H2 200 bartimeus-fonds Show response
donorbox.org/embed/ Frame E63A 34 KB
10 KB 39ms
39ms Document
text/html 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/embed/bartimeus-fonds

Requested by

Host: www.pegamento.nl
URL: https://www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=3.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e32f2a67cbc4ca6db906c65cecf763a595bf6a701f7dd5bcf49cb8727719b0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pegamento.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 167
cache-control: max-age=0, public, must-revalidate, s-maxage=300
cf-cache-status: HIT
cf-ray: 746e0aa2dafb9b52-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:23:18 GMT
last-modified: Wed, 07 Sep 2022 08:20:31 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
permissions-policy: speaker-selection=(),ambient-light-sensor=(),magnetometer=(),display-capture=(),midi=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept, Accept-Language, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dbox-cache-lang: de-DE,de;q=0.9
x-dbox-cache-url: https://donorbox.org/embed/bartimeus-fonds?cf_cache_lang=de
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-request-id: 4befdc78-fa2d-49d1-8a1e-a051622c25df
x-runtime: 0.035480
x-xss-protection: 1; mode=block

GET
H2 200 bartimeus-fonds Show response
donorbox.org/embed/ Frame FDDA 4 KB
2 KB 47ms
47ms Document
text/html 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true

Requested by

Host: www.pegamento.nl
URL: https://www.pegamento.nl/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=3.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

007f56dd14f42b63eb5a58654189e74e8b118af954e4a10b13170dc9ad40e09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pegamento.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 167
cache-control: max-age=0, public, must-revalidate, s-maxage=300
cf-cache-status: HIT
cf-ray: 746e0aa2dafd9b52-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:23:18 GMT
last-modified: Wed, 07 Sep 2022 08:20:31 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
permissions-policy: speaker-selection=(),ambient-light-sensor=(),magnetometer=(),display-capture=(),midi=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept, Accept-Language, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dbox-cache-lang: de-DE,de;q=0.9
x-dbox-cache-url: https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true&cf_cache_lang=de
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-request-id: 4c7641f1-5678-4573-97bc-cdd5705d1805
x-runtime: 0.017592
x-xss-protection: 1; mode=block

GET
H2 200 application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css
donorbox.org/assets/ Frame E63A 461 KB
64 KB 44ms
44ms Stylesheet
text/css 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644fc549673b2599735f629cc86675d314a75af51e6aa85d28c7efd14c0e6372

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 14:12:27 GMT
server: cloudflare
age: 3756
vary: Accept-Encoding, Origin
content-type: text/css
via: 1.1 vegur
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa32b719b52-FRA
content-length: 64969

GET
H2 200 apple-pay-logo-8defa2d27c9ce10d3ff68fd1e9d452aacf5a9f2dd68b4c185a45dbab9c1b1380.png
donorbox.org/assets/ Frame E63A 3 KB
3 KB 63ms
63ms Image
image/png 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/apple-pay-logo-8defa2d27c9ce10d3ff68fd1e9d452aacf5a9f2dd68b4c185a45dbab9c1b1380.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb15691847a9d00cccde29feffb123265276d22f209d0371183dd19af854a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 01:58:23 GMT
server: cloudflare
age: 3748
vary: Origin, Accept-Encoding
content-type: image/png
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa32b759b52-FRA
content-length: 2634

GET
H2 200 google-pay-logo-5741c955d2352ce45c46aea3079731bf4cb4e7554086a0b9131bd8b0e111f0fb.png
donorbox.org/assets/ Frame E63A 3 KB
3 KB 73ms
71ms Image
image/png 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/google-pay-logo-5741c955d2352ce45c46aea3079731bf4cb4e7554086a0b9131bd8b0e111f0fb.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab7f07d2c342be5bc2dde8a358ddbf84adf615590e22bc2a5a0cde7daee383a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 01:58:23 GMT
server: cloudflare
age: 3689
vary: Origin, Accept-Encoding
content-type: image/png
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa33b9e9b52-FRA
content-length: 3404

GET
H2 200 paypal-step2-logo-d0571d3406f153163f5f4a245106e7bf251a5abf3910905781c6afb0e7ce566d.png
donorbox.org/assets/ Frame E63A 4 KB
4 KB 73ms
71ms Image
image/png 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/paypal-step2-logo-d0571d3406f153163f5f4a245106e7bf251a5abf3910905781c6afb0e7ce566d.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d384269f927c9423b2dc9374986bfbb69985acd5f0b22ffff5ea5ecc1b221af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 01:58:23 GMT
server: cloudflare
age: 3723
vary: Origin, Accept-Encoding
content-type: image/png
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa33ba29b52-FRA
content-length: 4332

GET
H2 200 paypal-venmo-6b70bfcd9c3f01334cf28f386dd8262bbc64002e421d8325fe04fa1da03f7cea.png
donorbox.org/assets/ Frame E63A 3 KB
3 KB 55ms
53ms Image
image/png 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/paypal-venmo-6b70bfcd9c3f01334cf28f386dd8262bbc64002e421d8325fe04fa1da03f7cea.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6910c72e830f24f75a1b618693e768e71f2d892300fe232422f972149b7e2bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 01:58:23 GMT
server: cloudflare
age: 3723
vary: Origin, Accept-Encoding
content-type: image/png
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa33ba59b52-FRA
content-length: 3485

GET
H2 200 payapl-mergado-796af1a4c44e5399c5dec83889c45053c8a4292dc4e1287173b436251b466463.png
donorbox.org/assets/ Frame E63A 8 KB
8 KB 54ms
52ms Image
image/png 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/payapl-mergado-796af1a4c44e5399c5dec83889c45053c8a4292dc4e1287173b436251b466463.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643003095027cb25cda505f2f75691bdfff496da9de7650b3b2bc590a5e3360f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 01:58:23 GMT
server: cloudflare
age: 3748
vary: Origin, Accept-Encoding
content-type: image/png
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa33ba79b52-FRA
content-length: 8064

GET
H2 200 payent_options_logo-fd73d1de00bf369b233904bca777efe36c0c939bb298e3f8d119db1ca5e44174.png
donorbox.org/assets/widget-tab-icons/ Frame E63A 9 KB
9 KB 55ms
54ms Image
image/png 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/widget-tab-icons/payent_options_logo-fd73d1de00bf369b233904bca777efe36c0c939bb298e3f8d119db1ca5e44174.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe4ebc7d6c80f5569cbc313e339a1bab66d10b3369638ab46dd37e5e2c02b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 01:58:23 GMT
server: cloudflare
age: 3722
vary: Origin, Accept-Encoding
content-type: image/png
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa33baa9b52-FRA
content-length: 9170

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ Frame E63A 887 B
1003 B 197ms
27ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bba35e873ab92d5adc84eb44a10eff36abd2655d2f073f1ef8fa613643be9efc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 08:23:18 GMT

GET
H2 200 cc-cvc-f02c13e7dcec5aa08988cad4a936831264fee830bc3a98ad3168f102587bcdf1.png
donorbox.org/assets/ Frame E63A 4 KB
4 KB 55ms
54ms Image
image/png 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/cc-cvc-f02c13e7dcec5aa08988cad4a936831264fee830bc3a98ad3168f102587bcdf1.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93378c6a055ba88a98e4103e5e69223de732a96d649bf122de263af0748c639c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Tue, 24 Aug 2021 08:20:46 GMT
server: cloudflare
age: 3756
vary: Origin, Accept-Encoding
content-type: image/png
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa34bc49b52-FRA
content-length: 4098

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame E63A 333 KB
103 KB 237ms
20ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AUzIp9-lJOX-S2n6uFsYyIwoEBXDo2fkqWRbMjz3XXWJlnJjh3pRvC0pV7q1j5GQupQw6iiijiqz9H2N&components=buttons%2Cfunding-eligibility&currency=EUR&disable-funding=credit&enable-funding=venmo&merchant-id=2EEZ5HHKKFUUC

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e73bcdd5b0a148f94426936a6f6a7d1264308ee3e6c4bb683a0296a862c1e45

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-jsL0gaa+lucAkpb4MTlIn3Z0MoWzosuM7aLar0vkfZwNaY/3' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-jsL0gaa+lucAkpb4MTlIn3Z0MoWzosuM7aLar0vkfZwNaY/3' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-jsL0gaa+lucAkpb4MTlIn3Z0MoWzosuM7aLar0vkfZwNaY/3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-jsL0gaa+lucAkpb4MTlIn3Z0MoWzosuM7aLar0vkfZwNaY/3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 557
x-cache: HIT
p3p: true
paypal-debug-id: f88420860233a
server-timing: "traceparent;desc="00-0000000000000000000f88420860233a-5c8fc2db5c0a5b39-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 104227
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
access-control-allow-origin: *
traceparent: 00-0000000000000000000f88420860233a-da58a4d62ae9014c-01
x-timer: S1662538998.489216,VS0,VE2
x-frame-options: SAMEORIGIN
date: Wed, 07 Sep 2022 08:23:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"19723-app/crifk/RXGWkniCbdIXoZL5o"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 paypal-logo-456c64a67c5e96213d846dbedaa0db5a1e15f72ee8f7ba963fa9a7aba1646da9.png
donorbox.org/assets/ Frame E63A 9 KB
9 KB 55ms
54ms Image
image/png 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/paypal-logo-456c64a67c5e96213d846dbedaa0db5a1e15f72ee8f7ba963fa9a7aba1646da9.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cea167bdc8fd6def0e923edf2e39603639425d5b2d579afb17eae4f7f6714f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Tue, 24 Aug 2021 08:20:46 GMT
server: cloudflare
age: 3721
vary: Origin, Accept-Encoding
content-type: image/png
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa34bc69b52-FRA
content-length: 9164

GET
H2 200 / Show response
js.stripe.com/v3/ Frame E63A 328 KB
80 KB 252ms
36ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f6e7178a181c0843cb1b48b0bc94d10b2159fe5fcd5c67280e133ea0aaf4e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 8
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:10 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:52:50 GMT
server: Cloudfront
etag: W/"ecc51acb63952cabcf47d27636ef5eed"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: kO86IXtO9dowXKMlpw1oXUnpevB0uPLgCSr04IW_C4qPaUzealP2lg==

GET
H2 200 donor_app_v1_5-868bd4599f2e0c1a1e07cc10f66184a4763bcd9b179a0e31e76e16d19af1cb87.js Show response
donorbox.org/assets/ Frame E63A 1 MB
376 KB 55ms
53ms Script
application/javascript 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/assets/donor_app_v1_5-868bd4599f2e0c1a1e07cc10f66184a4763bcd9b179a0e31e76e16d19af1cb87.js

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a8a5808e5216330c08a08811fe34f96cbdd2311888679b35b951f22137d652

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 14:00:51 GMT
server: cloudflare
age: 3710
vary: Accept-Encoding, Origin
content-type: application/javascript
via: 1.1 vegur
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa33b9b9b52-FRA
content-length: 384467

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame E63A 14 KB
5 KB 84ms
83ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://donorbox.org/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 746e0aa33e4a5ca4-FRA

GET
H2 200 application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css
donorbox.org/assets/ Frame FDDA 461 KB
64 KB 53ms
53ms Stylesheet
text/css 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644fc549673b2599735f629cc86675d314a75af51e6aa85d28c7efd14c0e6372

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 14:12:27 GMT
server: cloudflare
age: 3756
vary: Accept-Encoding, Origin
content-type: text/css
via: 1.1 vegur
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa33b939b52-FRA
content-length: 64969

GET
H2 200 donor_app_v1_5-868bd4599f2e0c1a1e07cc10f66184a4763bcd9b179a0e31e76e16d19af1cb87.js Show response
donorbox.org/assets/ Frame FDDA 1 MB
376 KB 54ms
53ms Script
application/javascript 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/assets/donor_app_v1_5-868bd4599f2e0c1a1e07cc10f66184a4763bcd9b179a0e31e76e16d19af1cb87.js

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a8a5808e5216330c08a08811fe34f96cbdd2311888679b35b951f22137d652

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 14:00:51 GMT
server: cloudflare
age: 3710
vary: Accept-Encoding, Origin
content-type: application/javascript
via: 1.1 vegur
strict-transport-security: max-age=63072000; includeSubDomains
accept-ranges: bytes
cf-ray: 746e0aa33b989b52-FRA
content-length: 384467

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame FDDA 14 KB
5 KB 75ms
75ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://donorbox.org/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 746e0aa33e525ca4-FRA

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 283ms
137ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=9343506&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

895b93834ec33ab0982acaeff29b5569e0c4366850fceef5cfd96dc763b59e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pegamento.nl/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f2ceed98-6087-4380-a6b4-ce752981d4f0
cf-ray: 746e0aa44f489bac-FRA
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8BaFi8uB6ymhB7djinbb83FM76kKJWdI%2FkUAPeIAK4NwYB5X1BMHuSvhVIF35hoPM0fpOnbyryNOfax30Ua2wIekSBycrXVEgWE4J%2BaCbyONRKhXLXq5da%2BIpeNBCIV0hcBLT0fjQFdy4qTTD40"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pegamento.nl
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 233ms
210ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=9343506&conversations-embed=static-1.10632&mobile=false&messagesUtk=eeada1ff17164ab7aee847a4a5a35b8a&traceId=eeada1ff17164ab7aee847a4a5a35b8a

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12f5c42699d3958ae4233c0fbb6ea874cb6d5c7211a0f9709303e3a6ffb75c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer: https://www.pegamento.nl/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 20cecf51-0dd3-4b01-9937-d5a33133f861
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1679
server: cloudflare
x-trace: 2B626749AADFD0874796B374CF276F854202572305000000000000000000
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPXDle%2BeFNt4RXxtk53BkTVLMSzcWWGuzOuIrxoMbYdlC%2FySFz0V2M4L80faa1yHqOzhOII7pPyub9PkKMjU4EYvzcpuXbdsiYDVGkCNyV9qHpGW5D3tigCygnHk2ICD2WRu8mw0O7OQHKKNmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pegamento.nl
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 746e0aa55fdfbc04-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
890 B 265ms
136ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1659233187&v=1.1&a=9343506&ct=standard-page&pu=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&t=Bartim%C3%A9us+Fonds+-+Pegamento&cts=1662538998305&vi=ea4a49825475933b1b23ba97302afb50&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8be2c6a9-ec3a-425c-a297-ded49cafcc3f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxTjpXUNk9QuK3seztv5Z0bsdsPukprSLhyOxKhjXyOJXzTFlkn5C7aq2HV0JWe9CI7D7R%2FlQo9p1%2BVkKNlSWZQkZyzbwO8tx0BCRnEVW65b14chkki%2BQH5jshv0n93zpSpvHnqy%2B7a10IjpAFMV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 746e0aa44f58bb8b-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame E63A 26 KB
1 KB 144ms
35ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,300,700,600,800,400

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 08:23:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 08:23:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 08:23:18 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame E63A 569 B
869 B 140ms
31ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 08:23:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 08:23:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 08:23:18 GMT

GET
H2 200 material.indigo-pink.min.css
code.getmdl.io/1.1.1/ Frame E63A 135 KB
135 KB 177ms
33ms Stylesheet
text/css 2a00:1450:4001:82b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://code.getmdl.io/1.1.1/material.indigo-pink.min.css

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

adc89d7d695381bf2118da87e677a2af4057f40e466cf6c1a9af963d3921e1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Wed, 03 Feb 2016 15:50:37 GMT
server: Google Frontend
age: 392778
etag: W/"2386ea5247b09703963cf983f8428147"
allow: GET, HEAD, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 86b86674c667a674637e25ed39526b6d
cache-control: public,max-age=2592000
date: Fri, 02 Sep 2022 19:17:00 GMT
x-appengine-log-flush-count: 0
content-length: 138128

GET
H2 200 css
fonts.googleapis.com/ Frame FDDA 26 KB
1 KB 123ms
34ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,300,700,600,800,400

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 08:23:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 08:23:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 08:23:18 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame FDDA 569 B
417 B 120ms
31ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 08:23:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 08:23:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 08:23:18 GMT

GET
H2 200 material.indigo-pink.min.css
code.getmdl.io/1.1.1/ Frame FDDA 135 KB
135 KB 153ms
28ms Stylesheet
text/css 2a00:1450:4001:82b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://code.getmdl.io/1.1.1/material.indigo-pink.min.css

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

adc89d7d695381bf2118da87e677a2af4057f40e466cf6c1a9af963d3921e1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Wed, 03 Feb 2016 15:50:37 GMT
server: Google Frontend
age: 494620
etag: W/"2386ea5247b09703963cf983f8428147"
allow: GET, HEAD, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 85b0fc2b31ffb3f8d3fa661499ad01c0
cache-control: public,max-age=2592000
date: Thu, 01 Sep 2022 14:59:38 GMT
x-appengine-log-flush-count: 0
content-length: 138128

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 74 B
836 B 215ms
144ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=9343506

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d52fec3df6843f849c42f7c9ae0f21a93db5dd16a9f867eeda3469d557381abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9b2d6679-5149-4619-92fd-6fbcdae15b19
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B2A3CD4667467832491E85EB9E751860711350930000000000000000000
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EewnKqXt%2Fwp9O3ETs4QdBA1RU523Cpjr04n%2FYdbiqV510imtJVtW%2Ft8l7wLGLdCPaOWgScxOmjYo87BZuYg0Nl1U2bC5At0y7MrvdONve4apJyIILOlWHEHU7gDYUElqWoNCjVjLbFS8lpLA"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pegamento.nl
access-control-allow-credentials: false
cf-ray: 746e0aa448419be6-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 157ms
148ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=9343506&utk=ea4a49825475933b1b23ba97302afb50&__hstc=267206801.ea4a49825475933b1b23ba97302afb50.1662538998303.1662538998303.1662538998303.1&__hssc=267206801.1.1662538998304&currentUrl=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28cb39d6d318b23e2fb5fe1810b77e7f0229479b4765bdb5214d2e59e70d47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 09f7ebbe-8899-4df1-a2fb-bb6a9f1d7541
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-robots-tag: none
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN%2BFB1DLK4iajQKi%2FbGY70RRRISNbUv6kwJKEuuCKFlIVD4Fxw3jyOAbW6Cv4dnGFcbDbnlD1cF2Mum3NekFU0SF%2BMo3gb4t35q7RwKPA8mefmuC%2B8qwXvlMYf4V3O6%2FBfFeeglbQ%2Bbscqd0ZRIP"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pegamento.nl
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 746e0aa44f499bac-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 279ms
144ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.pegamento.nl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.pegamento.nl
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 746e0aa44e2e6937-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 07 Sep 2022 08:23:18 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A895ry7yqkLYK2HRpMkt%2FDvUCs7nCwjnGmTBn3uqMwbqS%2BC%2BrsDsrahYnAXphqI30cY%2FRGboIraQOWWuy3OWmgLURZgo6s7C%2BS9wDmHOT8H0m1P2nLKX226WZueIhPGf%2BFco5WsoqZDJm4Jiyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: adb42382-d16c-4c40-bd30-b5a0b844fda1
x-trace: 2BCD5B5C32A7914A0750AD4C94397D9E7561E338BB000000000000000000

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame E63A 392 KB
157 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donorbox.org/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 05:20:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 63ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: K6t8zgw9my3rGlENiZulbdatZDHMHw5Xrga58GcIlvLgZvtIu+QmgPpaWbhc5bToP3nax9QFFXaZUW94EzuVJg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 07 Sep 2022 08:23:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame E63A 12 KB
5 KB 22ms
22ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=donorbox.org&t=xo&v=5.0.330&source=payments_sdk&mrid=2EEZ5HHKKFUUC&client_id=AUzIp9-lJOX-S2n6uFsYyIwoEBXDo2fkqWRbMjz3XXWJlnJjh3pRvC0pV7q1j5GQupQw6iiijiqz9H2N&comp=buttons,funding-eligibility&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUzIp9-lJOX-S2n6uFsYyIwoEBXDo2fkqWRbMjz3XXWJlnJjh3pRvC0pV7q1j5GQupQw6iiijiqz9H2N&components=buttons%2Cfunding-eligibility&currency=EUR&disable-funding=credit&enable-funding=venmo&merchant-id=2EEZ5HHKKFUUC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gOq1RxCsh/S5fSSvxePmstpAuoVA1KddKekfVkyDjPB6OEc1' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gOq1RxCsh/S5fSSvxePmstpAuoVA1KddKekfVkyDjPB6OEc1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 556
x-cache: HIT
paypal-debug-id: f553991e8a22f
server-timing: "traceparent;desc="00-0000000000000000000f553991e8a22f-4825ccb7d0ff74b9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f553991e8a22f-c1c08768f671e2de-01
x-timer: S1662538999.605903,VS0,VE2
x-frame-options: SAMEORIGIN
date: Wed, 07 Sep 2022 08:23:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 942 B
609 B 70ms
29ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=explicit

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4af9c69352b526533d79eda7beb0be5b2ad605a548eb9c0eefe510bd46bd344f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 08:23:18 GMT

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
671 B 161ms
137ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=90b010b8-e4e1-4e2b-b607-6b0f121d8955&lfi=3130744&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1659233187&v=1.1&a=9343506&ct=standard-page&pu=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&t=Bartim%C3%A9us+Fonds+-+Pegamento&cts=1662538998603&vi=ea4a49825475933b1b23ba97302afb50&nc=true&u=267206801.ea4a49825475933b1b23ba97302afb50.1662538998303.1662538998303.1662538998303.1&b=267206801.1.1662538998304&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b1488ed3-62f7-439a-845c-22e54b05543e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow3cwdgUWxdKge3EmaF%2BAc760%2BItvuDtySZw6FBXD7aR7meJcPMecna3anwH84qvqlNAWyIWXGVH8jOJ4wcJ9aObUJ0J%2F45YsGHLGtxhv0t6%2FUcsr8XbAtPQ9rhBfOzd4Y98guFfRifXzcrDiVJ7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 746e0aa57a84693d-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame E63A 44 KB
44 KB 66ms
19ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,300,700,600,800,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 135174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 18:50:24 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ Frame E63A 125 KB
126 KB 85ms
41ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 20:33:24 GMT
x-content-type-options: nosniff
age: 474594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 20:33:24 GMT

GET
H2 200 SourceSansPro-Regular-9a14ddaff6e051bd91ce7aed4f5b7fd0d6109530be12d039845e7cedcb8182bf.otf
donorbox.org/assets/ Frame E63A 224 KB
225 KB 38ms
37ms Font
application/vnd.oasis.opendocument.formula-template 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/assets/SourceSansPro-Regular-9a14ddaff6e051bd91ce7aed4f5b7fd0d6109530be12d039845e7cedcb8182bf.otf

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b096b47206d8f78a2c49af2f2ae46b35d93b0e3cf105a9febef59144aa2eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://donorbox.org/assets/application_embed-a5a8d12a77e9f5d96fc00008a78e609d05bef2559c932fc4cfc8de00f7a87242.css
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 3755
strict-transport-security: max-age=63072000; includeSubDomains
content-length: 229588
last-modified: Tue, 24 Aug 2021 08:20:46 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: *
access-control-expose-headers
accept-ranges: bytes
cf-ray: 746e0aa56f479b52-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame FDDA 44 KB
44 KB 77ms
56ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,300,700,600,800,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 135174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 18:50:24 GMT

GET
H2 200 m-outer-32e959c98c4c0c17724528b7bd74ae2c.html Show response
js.stripe.com/v3/ Frame 1682 186 B
1 KB 32ms
31ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-32e959c98c4c0c17724528b7bd74ae2c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

749a21f6e8e5ffe3df34cb61b47310d2cb6bc942eaf018b0b27aaf1c6e80f6a1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 946
cache-control: max-age=31536000
content-length: 186
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:07:37 GMT
etag: "32e959c98c4c0c17724528b7bd74ae2c"
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: ZDRsk7gU80ePMSZsDkFzz8ObkYgf5pBMlLWLIslCjyj_iOnmxA4e5A==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 invisible.js Show response
donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 3121 36 KB
15 KB 28ms
27ms Script
application/javascript 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662537600
Requested by: Host: d15lcw04.na1.hubspotlinks.com
URL: https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1e2037c801129941a039a6ea86c44555b13177dcc8f10f597218ffc5d93919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 746e0aa618449b52-FRA

GET
H2 200 controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html Show response
js.stripe.com/v3/ Frame D6B9 297 B
1 KB 32ms
31ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3668ea9372c9d814da730d2e3e0a01183123871124a70c0fba3803c77d68ec78

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 52
cache-control: max-age=60
content-length: 297
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:22:33 GMT
etag: "fb58bfd0add84ddf6d4d04b60c8ba9ed"
last-modified: Tue, 06 Sep 2022 18:34:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: dtQjBjUi0l8-Ku7aCMLvXR8xhj_jY8hxmuC8JOp79ZArhfJz-2TjRA==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-a0bc3c7dd2bf09b84537a09f4c7f72c4.html Show response
js.stripe.com/v3/ Frame 96EC 380 B
1 KB 32ms
31ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-a0bc3c7dd2bf09b84537a09f4c7f72c4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a94a4de367870ba6bf0979c8edd088e26a127a654965e9547d72072dc3a40bec

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10
cache-control: max-age=60
content-length: 380
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; font-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:23:08 GMT
etag: "a0bc3c7dd2bf09b84537a09f4c7f72c4"
last-modified: Tue, 06 Sep 2022 18:34:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: L0h8V9XWqbG_ojpjKfo-JD_MOm7YX0XgqvL8Y96k1qPnPr1BX-gnCA==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-91fd7b8d44ea913b20487b9c26a59261.html Show response
js.stripe.com/v3/ Frame C567 316 B
1 KB 32ms
31ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-91fd7b8d44ea913b20487b9c26a59261.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

57e60775734f76ca00b78ddb75733c7255e17617d1d3b0730c44577c92d2e5b8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
cache-control: max-age=60
content-length: 316
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:22:53 GMT
etag: "91fd7b8d44ea913b20487b9c26a59261"
last-modified: Tue, 06 Sep 2022 18:34:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: zX0Hz0800obGWSwOlZTMsNYtvzyvSAp1DvsRC86u38H4IdxPbkG4sw==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html Show response
js.stripe.com/v3/ Frame 4C7E 297 B
1 KB 31ms
31ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3668ea9372c9d814da730d2e3e0a01183123871124a70c0fba3803c77d68ec78

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 52
cache-control: max-age=60
content-length: 297
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:22:33 GMT
etag: "fb58bfd0add84ddf6d4d04b60c8ba9ed"
last-modified: Tue, 06 Sep 2022 18:34:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: ldUgfpOe_x0O8IYIbBrEpAzve0kn5IOMgDIcx8kBVccXpfCOcPbVTw==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-e7ea7af755989d81ff099419358c5c47.html Show response
js.stripe.com/v3/ Frame 166B 756 B
2 KB 31ms
31ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

516537ae76dfbf9b6dea21b9de2ba86c2758b7b071da0d59a17ba06e2dfdfa04

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1771
cache-control: max-age=31536000
content-length: 756
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 07:53:47 GMT
etag: "e7ea7af755989d81ff099419358c5c47"
last-modified: Tue, 06 Sep 2022 18:34:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: uLe_SE7WcIeEDuTtzo0LzBTJpYKd4L7tsl-9f4Tab7l-mJvd_WPd5Q==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-e7ea7af755989d81ff099419358c5c47.html Show response
js.stripe.com/v3/ Frame 0300 756 B
2 KB 31ms
31ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

516537ae76dfbf9b6dea21b9de2ba86c2758b7b071da0d59a17ba06e2dfdfa04

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1771
cache-control: max-age=31536000
content-length: 756
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 07:53:47 GMT
etag: "e7ea7af755989d81ff099419358c5c47"
last-modified: Tue, 06 Sep 2022 18:34:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: T0bG3Aa3ALGwRPZJHC6gYpdd7H548g4V0pqkvrkY3GnYZ61SLQy4KQ==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-e7ea7af755989d81ff099419358c5c47.html Show response
js.stripe.com/v3/ Frame 0A91 756 B
2 KB 31ms
31ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

516537ae76dfbf9b6dea21b9de2ba86c2758b7b071da0d59a17ba06e2dfdfa04

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1771
cache-control: max-age=31536000
content-length: 756
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 07:53:47 GMT
etag: "e7ea7af755989d81ff099419358c5c47"
last-modified: Tue, 06 Sep 2022 18:34:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: -CdDakmX-a4QNXZPUHK9EszxxP8J07TRUHetWBKp__8ymJLpZfs0iQ==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 1682 0
570 B 783ms
368ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1682 0
571 B 782ms
368ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D6B9 0
570 B 781ms
371ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 invisible.js Show response
donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame FAA7 38 KB
16 KB 24ms
24ms Script
application/javascript 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662537600
Requested by: Host: d15lcw04.na1.hubspotlinks.com
URL: https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3205e098c0da41289eabe6cd80cb0f0227250af83930763e956cbeb2141c2ede

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 746e0aa688dd9b52-FRA

GET
H2 200 ts
t.paypal.com/ Frame E63A 42 B
811 B 254ms
167ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Bartim%C3%A9us%20Fonds%20%7C%20Pegamento%20-%20Donorbox&dh=1200&dw=1600&bh=900&bw=500&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1662538998803&g=0&completeurl=https%3A%2F%2Fdonorbox.org%2Fembed%2Fbartimeus-fonds&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 51294fa9b4d31
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4038-HHN
pragma: no-cache
traceparent: 00-000000000000000000051294fa9b4d31-fdb538987f38a11c-01
x-timer: S1662538999.902880,VS0,VE145
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 08:23:18 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 96EC 0
570 B 769ms
371ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 96EC 0
570 B 770ms
372ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C567 0
570 B 948ms
553ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C567 0
570 B 767ms
372ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4C7E 0
570 B 764ms
372ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 43ms
20ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.79

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: 7Uvr1VBkDHsUywJy8vdRqn/9NAQ3cScKw4brWrRiLq8hmZqdaHiyrOUjxE74ZU6prSdEZCs1iI5D2+CfwbcVkg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 07 Sep 2022 08:23:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 424026343020944 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 295ms
273ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/424026343020944?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ef7992b27b828250af5b535a7023abcd85a5da183106300bdb2b6239ddc2e4c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: xZRJt3HJCeAkQki7VZ9qzLeLvW+3gAYAht8gc+oIQjPQDcTq/SbOHfYcdngOeylNh3fMEEjqY1GR/PxcRtuMcQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 07 Sep 2022 08:23:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ 392 KB
156 KB 63ms
22ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pegamento.nl/
Origin: https://www.pegamento.nl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 05:20:34 GMT

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame AD21 42 KB
22 KB 74ms
36ms Document
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=2ujgown3fo8f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a36de6b0ef529172864e55bd6e6c062b6a304b1fbbe4e168f499aaf7f3f7a6e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ienntO-ZTLikhqV8HVxuiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22203
content-security-policy: script-src 'report-sample' 'nonce-ienntO-ZTLikhqV8HVxuiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 08:23:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame EF4B 7 KB
1 KB 65ms
30ms Document
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=tmi830owokr2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c29b5913f8f57a885d8771462403f55628dbd303c3d834cc6d57a3202bf1c9d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6gOHOyWw_-2r_ML31-IsuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1039
content-security-policy: script-src 'report-sample' 'nonce-6gOHOyWw_-2r_ML31-IsuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 08:23:18 GMT
expires: Wed, 07 Sep 2022 08:23:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-2b475bd91e0df7e195cf27f4f40365b0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1682 526 B
1021 B 31ms
31ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-2b475bd91e0df7e195cf27f4f40365b0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-32e959c98c4c0c17724528b7bd74ae2c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-32e959c98c4c0c17724528b7bd74ae2c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 42
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:37 GMT
content-length: 526
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yXgYwhTOnNz3oIw0rnbfVuOzk87PDaJ_Mzk4clr5rI5UpDefCtMaxg==

POST
H2 200 csp-report
q.stripe.com/ Frame 166B 0
570 B 706ms
373ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 166B 0
570 B 884ms
551ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-d04048382d85e50076b5ffe5e2f749f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D6B9 264 KB
63 KB 34ms
34ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 20
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"e837fe1e00d602448ad55f845b8382b6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 6vsSX31i1vmBpnL_G15xbBA2xTWinJLgonz3JAG-Pvo-8BDZIFfHaA==

GET
H2 200 controller-0a523f6779414bf62b058043fedac52c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D6B9 379 KB
93 KB 49ms
49ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-0a523f6779414bf62b058043fedac52c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

06040ab5e95464c8027382b37d126569fddd3e2ca3f0e339b7308a0789852a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 38
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:41 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:36 GMT
server: Cloudfront
etag: W/"9bc35296bc8e8f57986e78e0e0e7d66c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 5G32at7ZAUlkdR2YxhrAHDouLiB7mWs7-zKWFTv9avfsIwyWpt504w==

POST
H2 200 csp-report
q.stripe.com/ Frame 0300 0
570 B 881ms
552ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0300 0
570 B 882ms
553ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0A91 0
570 B 700ms
373ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0A91 0
570 B 697ms
370ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 rum Show response
donorbox.org/cdn-cgi/ Frame FDDA 0
193 B 22ms
22ms XHR
text/plain 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://donorbox.org/embed/bartimeus-fonds?only_donor_wall=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://donorbox.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 746e0aa709cd9b52-FRA
vary: Origin

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 96EC 102 KB
33 KB 141ms
73ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a0bc3c7dd2bf09b84537a09f4c7f72c4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd1552183732ebda25cb0cdd87314fb2f23a25baf59222d2c3b94843f7155e91

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JN_0q55gPcR1cW7EmwroXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-JN_0q55gPcR1cW7EmwroXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Wed, 07 Sep 2022 08:23:18 GMT

GET
H2 200 shared-d04048382d85e50076b5ffe5e2f749f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 96EC 264 KB
63 KB 62ms
61ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a0bc3c7dd2bf09b84537a09f4c7f72c4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-a0bc3c7dd2bf09b84537a09f4c7f72c4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 20
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"e837fe1e00d602448ad55f845b8382b6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: ttyejQWMQLZVoFXm8XYILxSPCasAcV2rWJSk_QvE3HtkVNMMjPfxPw==

GET
H2 200 payment-request-inner-google-pay-a6359c1a419aa192d6ac1577e2077c70.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 96EC 14 KB
5 KB 83ms
81ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-a6359c1a419aa192d6ac1577e2077c70.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a0bc3c7dd2bf09b84537a09f4c7f72c4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

29c961d257f40c844151a90318935f2ee0a9a426b3b94b76a2bd3cc94cacb580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-a0bc3c7dd2bf09b84537a09f4c7f72c4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 31
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:48 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"1ccf1ab3392194938d347cd8c3741113"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: BVLTVgrBqwprTUP_gRMNbwsJRRR1ek39X8kKLR1mt4P24xKedzrZvw==

GET
H2 200 shared-d04048382d85e50076b5ffe5e2f749f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C567 264 KB
63 KB 76ms
74ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-91fd7b8d44ea913b20487b9c26a59261.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-91fd7b8d44ea913b20487b9c26a59261.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 20
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"e837fe1e00d602448ad55f845b8382b6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: gmIccSq6ISiAHx_kH3nABjHshUD-NX0Jqk-ikKZMwfi8NROT8ZmfLg==

GET
H2 200 payment-request-inner-browser-d340b05eeb7e1914268e071ca52db55d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C567 12 KB
5 KB 96ms
95ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-d340b05eeb7e1914268e071ca52db55d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-91fd7b8d44ea913b20487b9c26a59261.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-91fd7b8d44ea913b20487b9c26a59261.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 32
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:18 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"13563263f55505d5822aae879d83b8c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 4x62m1buD5wyPxFgYrJbGQ16lu0xTA2aEaCF2gRzp61bW0cqmHU7dA==

GET
H2 200 shared-d04048382d85e50076b5ffe5e2f749f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4C7E 264 KB
63 KB 84ms
83ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 20
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"e837fe1e00d602448ad55f845b8382b6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 6eexY7R4m3zmoyPGJxwEbrRl1p1aGTv_Wa717BFOjyLWF-NSsS0Cqg==

GET
H2 200 controller-0a523f6779414bf62b058043fedac52c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4C7E 379 KB
93 KB 89ms
88ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-0a523f6779414bf62b058043fedac52c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

06040ab5e95464c8027382b37d126569fddd3e2ca3f0e339b7308a0789852a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 38
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:41 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:36 GMT
server: Cloudfront
etag: W/"9bc35296bc8e8f57986e78e0e0e7d66c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: DiHX6ixOVVwmlKYUr_VzlKCM8lN_MC3Gja-OgIVt9H8KkpKBlI6lnw==

GET
H2 200 eeada1ff17164ab7aee847a4a5a35b8a Show response
app.hubspot.com/conversations-visitor/9343506/threads/utk/ Frame 665C 49 KB
18 KB 151ms
150ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/9343506/threads/utk/eeada1ff17164ab7aee847a4a5a35b8a?uuid=6d02b0ffeeb9448a96f1a438071cef84&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pegamento.nl&inApp53=false&messagesUtk=eeada1ff17164ab7aee847a4a5a35b8a&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

818bb8dd7789e61530b541504fde932dac3deaef14d12e2af0e7cde78bf3bf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.pegamento.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 132
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 746e0aa71b4bbb8b-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.13130/html/index.html&cfRay=746e0aa71b4bbb8b&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F9343506%2Fthreads%2Futk%2Feeada1ff17164ab7aee847a4a5a35b8a%3Fuuid%3D6d02b0ffeeb9448a96f1a438071cef84%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dpegamento.nl%26inApp53%3Dfalse%26messagesUtk%3Deeada1ff17164ab7aee847a4a5a35b8a%26url%3Dhttps%253A%252F%252Fwww.pegamento.nl%252Fbartimeus-fonds%252F%253Futm_campaign%253DPers%25252Fnieuws%2526utm_medium%253Demail%2526_hsmi%253D225236351%2526_hsenc%253Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%2526utm_content%253D225236351%2526utm_source%253Dhs_email%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.pegamento.nl%2F&cfenv=prod&pdt=2022-09-07&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:23:19 GMT
etag: W/"569db62d32e82f9b7b1f7ca690d6ebfb"
last-modified: Thu, 25 Aug 2022 01:43:09 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=746e0aa71b4bbb8b&resource=conversations-visitor-ui/static-1.13130/html/index.html"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 42da47d5828a8cbe9a05fbe7917a66c2.cloudfront.net (CloudFront)
x-amz-cf-id: bhBW4F0IcTkKBLpS0tdyxUneC7rEIZBqaqDo7SwBYi8Bh0eL-OyngA==
x-amz-cf-pop: IAD55-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 4kKrSl80YetGU3R_qbAmDKxmjmuSYEVe
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.13130/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame 166B 19 KB
4 KB 78ms
77ms Stylesheet
text/css 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 17
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:12 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:01 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: NQ4yiD7DcA5H9aPVnf9sikIZwNv8qPGOZWTvWChKrIuwXl3s9XVgZw==

GET
H2 200 elements-inner-card-e027c43d873d66e9278cc45918746cfd.css
js.stripe.com/v3/fingerprinted/css/ Frame 166B 6 KB
2 KB 79ms
77ms Stylesheet
text/css 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-e027c43d873d66e9278cc45918746cfd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9028691aaafdcbba25e0fc8e7867044e86dd25efad1f9edeb848499babfea23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 32
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:50 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:01 GMT
server: Cloudfront
etag: W/"43a62ceb376c398b56fffc38d8e8c10d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 1SkD0xgEE6v_unk8efqcXF0kgIHq-MQpRci1L4niO8LDCeTBLS-i2g==

GET
H2 200 shared-d04048382d85e50076b5ffe5e2f749f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 166B 264 KB
63 KB 81ms
80ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 20
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"e837fe1e00d602448ad55f845b8382b6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 6QcucY2Nj7yg9K7wwOruyarBSCL1D9Qp9X8hp-TSCq0CIBi_pk4uAA==

GET
H2 200 ui-shared-da0d5b706c1e1e84cfaba2439ce7c488.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 166B 202 KB
59 KB 88ms
86ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-da0d5b706c1e1e84cfaba2439ce7c488.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1aa6e908cce067eda3ecc67b493bd30a6ed61ff791b475cd4b8ca42cb718189d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 46
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:39 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
server: Cloudfront
etag: W/"090fde197421fa4da5a440a773057df2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: RK6TT4cderHzuQZ-_WstNSc3bYI1V9XyqhTja0DEDy7XFRlEPU9Hgg==

GET
H2 200 elements-inner-card-3dd2ca0e2176afb548fe227bd0f5e0ab.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 166B 53 KB
14 KB 79ms
78ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-3dd2ca0e2176afb548fe227bd0f5e0ab.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7e199aa277cc52f2c8153b60d26faf7b40b9f91961ebb43b15e26fbe43c06d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 54
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:39 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:36 GMT
server: Cloudfront
etag: W/"4e163ceed5ed60926c9e13493c5b6bb8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: eVuR3optGZyJO2cEJ6TYqh9JnaLe9NW8Riv0CMpXZ-HGXufMtxRphw==

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame 0300 19 KB
3 KB 85ms
83ms Stylesheet
text/css 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 17
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:12 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:01 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: cJnspsaKaiUgRo5WgE70eGroZMpFPom0ts0tKE4w_2L3THui11SaBw==

GET
H2 200 elements-inner-card-e027c43d873d66e9278cc45918746cfd.css
js.stripe.com/v3/fingerprinted/css/ Frame 0300 6 KB
2 KB 91ms
89ms Stylesheet
text/css 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-e027c43d873d66e9278cc45918746cfd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9028691aaafdcbba25e0fc8e7867044e86dd25efad1f9edeb848499babfea23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 32
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:50 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:01 GMT
server: Cloudfront
etag: W/"43a62ceb376c398b56fffc38d8e8c10d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 3YrYgibuSx-wrMNkR3Q1cab4a1LIEFlOfdyannYik4QNDrYFUDn-XQ==

GET
H2 200 shared-d04048382d85e50076b5ffe5e2f749f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0300 264 KB
63 KB 90ms
88ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 20
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"e837fe1e00d602448ad55f845b8382b6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: h1Y4358c3br83hMBdINKlilTG04BFWXuV-2eJFAstG4upSnabgQs4w==

GET
H2 200 ui-shared-da0d5b706c1e1e84cfaba2439ce7c488.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0300 202 KB
59 KB 91ms
90ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-da0d5b706c1e1e84cfaba2439ce7c488.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1aa6e908cce067eda3ecc67b493bd30a6ed61ff791b475cd4b8ca42cb718189d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 46
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:39 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
server: Cloudfront
etag: W/"090fde197421fa4da5a440a773057df2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: RVk-8zgMDxxyeP4N7klvjxBXcQjggaRoS1u1sz6mLVMycIbnrKSQ8Q==

GET
H2 200 elements-inner-card-3dd2ca0e2176afb548fe227bd0f5e0ab.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0300 53 KB
14 KB 93ms
91ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-3dd2ca0e2176afb548fe227bd0f5e0ab.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7e199aa277cc52f2c8153b60d26faf7b40b9f91961ebb43b15e26fbe43c06d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 54
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:39 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:36 GMT
server: Cloudfront
etag: W/"4e163ceed5ed60926c9e13493c5b6bb8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: G2C5m77Jt17YYDXKcTYiR9y8g3oWT4qB7Lv7EkVqkXqoi85eFJFv4A==

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame 0A91 19 KB
4 KB 94ms
92ms Stylesheet
text/css 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 17
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:12 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:01 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: M7vDJmIURZ_NAmr-TLo9mzfIn7xVS7FMEZVvTVAevv3nTbH3b4_OXg==

GET
H2 200 elements-inner-card-e027c43d873d66e9278cc45918746cfd.css
js.stripe.com/v3/fingerprinted/css/ Frame 0A91 6 KB
2 KB 94ms
93ms Stylesheet
text/css 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-e027c43d873d66e9278cc45918746cfd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9028691aaafdcbba25e0fc8e7867044e86dd25efad1f9edeb848499babfea23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 32
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:50 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:01 GMT
server: Cloudfront
etag: W/"43a62ceb376c398b56fffc38d8e8c10d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: MJsW0FVkCMynv6UOUbZTbKNlRbl4OC02_L1V_nd5ZDanIrcj2-Toeg==

GET
H2 200 shared-d04048382d85e50076b5ffe5e2f749f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0A91 264 KB
63 KB 95ms
93ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 20
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"e837fe1e00d602448ad55f845b8382b6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: ivy1i9kJnGg325DcnoeCVyJ1LWebkoWDoK1BsMgZ4KYpA0h_7Cw7gg==

GET
H2 200 ui-shared-da0d5b706c1e1e84cfaba2439ce7c488.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0A91 202 KB
59 KB 97ms
96ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-da0d5b706c1e1e84cfaba2439ce7c488.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1aa6e908cce067eda3ecc67b493bd30a6ed61ff791b475cd4b8ca42cb718189d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 46
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:39 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
server: Cloudfront
etag: W/"090fde197421fa4da5a440a773057df2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: dP_EOwxxc-rPVk_Yk9AKftLYUsJwkkNo_Z2pKy_dxedXNY9W14JHrw==

GET
H2 200 elements-inner-card-3dd2ca0e2176afb548fe227bd0f5e0ab.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0A91 53 KB
14 KB 99ms
98ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-3dd2ca0e2176afb548fe227bd0f5e0ab.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7e199aa277cc52f2c8153b60d26faf7b40b9f91961ebb43b15e26fbe43c06d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 54
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:39 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:36 GMT
server: Cloudfront
etag: W/"4e163ceed5ed60926c9e13493c5b6bb8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: MS0MSDAN664GvHAOSdnAQv6iKilnDxFiUTxvmLwbWsOW6LS9lRfoFQ==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0ACE 930 B
2 KB 124ms
21ms Document
text/html 2600:9000:2057:f800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-2b475bd91e0df7e195cf27f4f40365b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 205
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 08:19:55 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: GvvN2zWV4zw91ZPwXRZIL7kLGuk7eA40LJ6zRZBN0ehQEi7mTLw1sg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pica.js
donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/ Frame 3121 20 KB
8 KB 37ms
36ms Other
application/javascript 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da5f4a5bfc99cc46e4d44de57ef67ba975c6700e7de05ec398c5ad029ebea6eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 746e0aa75a3a9b52-FRA

GET
H2 200 pica.js
donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/ Frame FAA7 21 KB
8 KB 24ms
24ms Other
application/javascript 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47865a20990325193674cc833ba07c4cae9c59946f571695019f0ffa4f0d6182

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:18 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 746e0aa77a5a9b52-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame EF4B 52 KB
24 KB 61ms
21ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=tmi830owokr2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:20:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame EF4B 392 KB
156 KB 58ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 05:20:34 GMT

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D6B9 231 KB
47 KB 37ms
36ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-0a523f6779414bf62b058043fedac52c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 34
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 18:47:07 GMT
server: Cloudfront
etag: W/"ab675b71d19378124fcdf3c0f6dad353"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: G4x4b7G0ptg1l968BmhLJfLKIKifVAH8hVWegrTwYycYFhPz606oOA==

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D6B9 2 KB
1 KB 39ms
39ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-0a523f6779414bf62b058043fedac52c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:34 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Wed, 24 Aug 2022 16:15:27 GMT
server: Cloudfront
etag: W/"f1717e2e478c68d16ccd7b37768700be"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 1_BCfYtOPygYjwgwlEmS8yq8BoDYh-ibrykZN-_6Zz28ciiX3qaF6Q==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D6B9 474 B
864 B 120ms
57ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-126.vie50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 13585a323a184c14d9902621b7bb9594c50f78397a772715683825ae1dd427e7

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Sep 2022 08:22:36 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:52:52 GMT
server: Cloudfront
age: 50
etag: "5ccaadff0873d014353311faa1326dbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 474
x-amz-cf-id: oAAxR_gXLjehWO68a__LkiNmUNgkfayzIkhip5WN9GDGS7x5y2jzsw==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame AD21 52 KB
24 KB 24ms
24ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:20:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame AD21 392 KB
156 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 05:20:34 GMT

GET
H2 200 nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame D6B9 69 KB
16 KB 84ms
58ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:02 GMT
server: Cloudfront
etag: W/"21ca1fd2bd0a69e0c2428af8cd231c5f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: V3L5_TJu-eY_hrOzTnz9_aFtmRgC-LcRPBbwDRKnI308yhylRLfM4Q==

GET
H2 200 nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame D6B9 69 KB
16 KB 92ms
67ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:02 GMT
server: Cloudfront
etag: W/"21ca1fd2bd0a69e0c2428af8cd231c5f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: rCEsUJNEdjWs39dRlxQrsvMlSXIUOF9aW1_XQaPlVkBs5HN5rR4vuw==

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4C7E 231 KB
47 KB 62ms
61ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-0a523f6779414bf62b058043fedac52c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 18:47:07 GMT
server: Cloudfront
etag: W/"ab675b71d19378124fcdf3c0f6dad353"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: uoPYr_mXhDEUguzcJJLc344pUEkbyMwUtTi8Fde1uMr-n_nWxzp7-g==

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4C7E 2 KB
1 KB 65ms
64ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-0a523f6779414bf62b058043fedac52c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 46
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:34 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Wed, 24 Aug 2022 16:15:27 GMT
server: Cloudfront
etag: W/"f1717e2e478c68d16ccd7b37768700be"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 8xGvheB78b6vEFOhhkhqM35D7bXor8OvEBF7acLucYZWYhPQGc6usw==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 4C7E 474 B
864 B 49ms
49ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-126.vie50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 13585a323a184c14d9902621b7bb9594c50f78397a772715683825ae1dd427e7

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Sep 2022 08:22:36 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:52:52 GMT
server: Cloudfront
age: 50
etag: "5ccaadff0873d014353311faa1326dbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 474
x-amz-cf-id: jx60v-U4BSnTvpqgVYME-v-SWg9xm_ij3hNWWuj8a90rwJTGPB9Bog==

GET
H2 200 nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 166B 69 KB
16 KB 33ms
32ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:02 GMT
server: Cloudfront
etag: W/"21ca1fd2bd0a69e0c2428af8cd231c5f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: t7MsuO9S3kyLSO3_FnyzGJAmnpUxxqh-IsEDC7beAI3_3vWacpKgmw==

POST
H2 200 csp-report
q.stripe.com/ Frame 0ACE 0
344 B 411ms
373ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 08:23:19 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 0300 69 KB
16 KB 36ms
35ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:02 GMT
server: Cloudfront
etag: W/"21ca1fd2bd0a69e0c2428af8cd231c5f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: No9b8xACjZqiuxc0s0_iR53LxlN_Q8pvwf_sZo976GYIrTREvROQRQ==

GET
H2 200 nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 0A91 69 KB
16 KB 36ms
35ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-e7ea7af755989d81ff099419358c5c47.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:02 GMT
server: Cloudfront
etag: W/"21ca1fd2bd0a69e0c2428af8cd231c5f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: _tIne3OyKOlIjuW7iY8h-dmrny0piTIKxA34AO_6KUaqAMYzYod35Q==

POST
H2 200 746e0aa2dafb9b52 Show response
donorbox.org/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 3121 2 B
358 B 57ms
57ms XHR
text/plain 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donorbox.org/cdn-cgi/challenge-platform/h/b/cv/result/746e0aa2dafb9b52
Requested by: Host: donorbox.org
URL: https://donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662537600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 746e0aaa9f289b52-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.228/ Frame 665C 44 KB
16 KB 87ms
38ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.228/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/9343506/threads/utk/eeada1ff17164ab7aee847a4a5a35b8a?uuid=6d02b0ffeeb9448a96f1a438071cef84&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pegamento.nl&inApp53=false&messagesUtk=eeada1ff17164ab7aee847a4a5a35b8a&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1590f52adb0ff3eb1a5d0c1a0ef0c1f60d8451c3510fc44bd316919e5daf705f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 eaa1b95207b7e17a6ad05a7c45014762.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1777636
x-amz-server-side-encryption: AES256
cf-ray: 746e0aaafab25b98-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 17:59:37 GMT
server: cloudflare
etag: W/"a89d377892af6ffd98853ca900af1878"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeUb4RDJ0kunEwJBCOdO7mKwh0eSlChZbFo6QV3KJLOIKeZDCh23kLllz5GveMvJhqSXt4JQ2b376VzN6G4eC6zU2QAcm8Iohmrt3UJTCkrgBIpTkdOJRzNrXxuhmpW1W1NwBciDml7GJXofATZgUhrLS%2Bs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: YgJkZg_L_.XRhLttFb7qTxNzd.lQeUxX
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-C1
content-type: application/javascript
x-amz-cf-id: kaEi35aKydKir2eLnGS_Sp4xZqUxZ1uzSIQSf_FGH2cdgDveon9Wcw==
expires: Thu, 07 Sep 2023 08:23:19 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame 665C 20 KB
4 KB 84ms
35ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 cba87929a659f0e0a8a2cdc0b7cb22ae.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1732468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imo6TQGNASfidyH%2FNbT7BYwFWChk1zthf93Fvv6gvu0AVxgG0wC0kXIDYhTnjznAYEz%2ByXYtipo2vjS2bxh4kETkK3gLVoUqMj0xUb4KDyTn8EBedLrZVmZwMMfPBwkyX6N6VuuX27lOVsyTcbmgrHQp7ww%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: HEL51-P2
cf-ray: 746e0aaafabf9046-FRA
x-amz-cf-id: pUn2MIDrESb4MIntLPEl6MZiXWuBFxCOZQg2xX_pvNgIQ4-MB4VHow==
expires: Thu, 07 Sep 2023 08:23:19 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.312/ Frame 665C 295 KB
94 KB 85ms
37ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.312/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338be55e09986b74b0abf67ba0d09e117698bc411529b3da8f0783a349461bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54874
x-amz-server-side-encryption: AES256
cf-ray: 746e0aaafab55b98-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Aug 2022 01:31:38 GMT
server: cloudflare
etag: W/"24368d9bf0991b15f75e817302381e9e"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p29Va13c5WO4WHNxt9ye45ChHGJOwcAb5jAaS2cymLsRhgf710fRvTLZ8pgrdOHdJvcw30FFmKUqd0CYayfiLw1STf43%2F9EDrssBiNazFE5TYzuy1aiQQjasyBBKI8gOcYv5sRLOg8C4dvhBgOnXb8Z%2FFus%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: tGv9d32FqDJZMi1TXjkihXz8ATz_W19h
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: TXL50-P4
content-type: application/javascript
x-amz-cf-id: ctXWiHT0jPBalaMWYmLrf3VGzKqNSqUOWKIaUCzEMUTPuTS1KfUFyQ==
expires: Thu, 07 Sep 2023 08:23:19 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/ Frame 665C 508 KB
149 KB 87ms
38ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9c20e7e3fa6dc6a21aaa3e9b025d2b734d4def2dd4fdbbb37cea01f1848075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1104004
x-amz-server-side-encryption: AES256
cf-ray: 746e0aaafab65b98-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 25 Aug 2022 12:59:17 GMT
server: cloudflare
etag: W/"66c6b56f51446aa179536d50b93dc18f"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2hM%2FQGhjIhaIQtTaFCD8yUgQK%2FsNQVz0FSF8OtzSpJriIpKyxFHoB9XtPz3Nb1vAStkIZv6ogV3AQXIiOpbnGMesVQxtmuGmV59oCl%2F108YWomDncRidyuEbgmCxMIQ%2FlGtAWX8FahLZUguYbP0d%2BVuomw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: uc.gK9keAAPPtvGHllm.3hPsq_zi_tUb
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-P2
content-type: application/javascript
x-amz-cf-id: xse_92dSDO65ewm47NehFS4IZtk0Ay6vvu6uel5X3gehkKu1wiBobw==
expires: Thu, 07 Sep 2023 08:23:19 GMT

GET
H2 200 nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 4C7E 69 KB
16 KB 36ms
36ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:02 GMT
server: Cloudfront
etag: W/"21ca1fd2bd0a69e0c2428af8cd231c5f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: F5eVFxoOh4gfTDSLu8yv4FZbg-8pcRAjRRgsaLjiC-PPr65YTRNppw==

GET
H2 200 nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 4C7E 69 KB
16 KB 36ms
36ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-fb58bfd0add84ddf6d4d04b60c8ba9ed.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:02 GMT
server: Cloudfront
etag: W/"21ca1fd2bd0a69e0c2428af8cd231c5f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: bh4V40lWrVuoQOwSQVsdeVfQeqMXrAjeWWB1p8dM9GnCfKD9o3k-nQ==

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AD21 2 KB
2 KB 18ms
18ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 48211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Sep 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AD21 15 KB
15 KB 57ms
18ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 54998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AD21 15 KB
15 KB 62ms
23ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 122520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 22:21:19 GMT

POST
H2 200 746e0aa2dafd9b52 Show response
donorbox.org/cdn-cgi/challenge-platform/h/b/cv/result/ Frame FAA7 2 B
312 B 53ms
53ms XHR
text/plain 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donorbox.org/cdn-cgi/challenge-platform/h/b/cv/result/746e0aa2dafd9b52
Requested by: Host: donorbox.org
URL: https://donorbox.org/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662537600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 746e0aac499a9b52-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0ACE 86 KB
14 KB 23ms
23ms Script
text/javascript 2600:9000:2057:f800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:f800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 254
date: Wed, 07 Sep 2022 08:19:06 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: f-8XbTPfKtmw9iNQI9ZzwacKd19SkkLlliHxob38X93iyIobICQSrQ==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame AD21 102 B
134 B 28ms
28ms Other
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=duyHVVR9Brf6N2GewjkPRfsA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3444cd05f786fc062fcb5c164604566935c9c5b25706eeab6189b3a0f37d058d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=2ujgown3fo8f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 08:23:19 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 208ms
194ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 205ms
191ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 207ms
195ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 206ms
194ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 207ms
195ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 204ms
193ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 205ms
194ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 204ms
193ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 202ms
192ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 203ms
193ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 202ms
193ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 201ms
192ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 5D69 18 KB
7 KB 137ms
86ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62030bea6efa6342975afe088a81c0921dcaf68a0f998d9f293be4c175cbb2cd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-zdVjnq_0U4qkJEwLflS1WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-zdVjnq_0U4qkJEwLflS1WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 07 Sep 2022 08:23:19 GMT
expires: Wed, 07 Sep 2022 08:23:19 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 95ms
31ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=424026343020944&ev=PageView&dl=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&rl=&if=false&ts=1662538999785&sw=1600&sh=1200&ud[external_id]=ea4a49825475933b1b23ba97302afb50&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662538999783.1116344681&it=1662538998818&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 07 Sep 2022 08:23:19 GMT

GET
H2 200 afbeelding-1-768x768.png
www.pegamento.nl/wp-content/uploads/2022/07/ 776 KB
777 KB 120ms
119ms Image
image/png 2606:4700:20::681a:331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pegamento.nl/wp-content/uploads/2022/07/afbeelding-1-768x768.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:331 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9756e1b2851d0d938d30b35109ca95cd3f33ab087e8b9dba17f1bd8c12a4caec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:19 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Jul 2022 11:53:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9n8CRYLNXC9QrzxZj6U5SdiWObjyzbxFaLcS%2BtmnWh05oZuj8WtmTZojWRi7DKJvItIxhDejy1cJEtFwA%2FTgQy%2FvL97Ia%2FXk4R13Rz3eDJlzG6dad14IucTOqV3NgXUQBlacrww%2BwG1zWc3r5sQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746e0aaccc03bbbb-FRA
content-length: 794621

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 189ms
188ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 189ms
189ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 318ms
318ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 318ms
318ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 319ms
319ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 316ms
316ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 318ms
318ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 318ms
318ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 316ms
316ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 318ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 318ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 317ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 293ms
293ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 290ms
290ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4C7E 0
127 B 277ms
276ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13109/ Frame 665C 776 B
1 KB 77ms
50ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13109/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d2c44d306bebe99b644ddf549cf9e1b903b74a23722a2160df230678e772362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
via: 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1104004
x-amz-server-side-encryption: AES256
cf-ray: 746e0aaddceb9b37-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 20:37:16 GMT
server: cloudflare
etag: W/"fbd6597e721657bf1cc5c96c50504af1"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nB71DX%2FzUV0e5UMUK0PgZGOEw2fdsTPO7AwFtt%2BGA5GZCPpIcoXWkMy80dwY9%2BgOj%2FKbocQCdApi4yGf4mz1nFnyVCFlZwaponYrGk0NHfOPhTrIwfw2EKLjOo3DO3UfS8QFm0KXvel0FPumMKqdNL1%2BpRg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: sl3a7FgaUJ.HMt1RBBDHTXfo_ppY5Div
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-P2
content-type: application/javascript
x-amz-cf-id: Gz20AueTWFmocFunhQF-YGWh2fdzBHIwK_yt0se0Bt4GASC5er36jA==
expires: Thu, 07 Sep 2023 08:23:20 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5D69 2 KB
2 KB 25ms
25ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: d15lcw04.na1.hubspotlinks.com
URL: https://d15lcw04.na1.hubspotlinks.com/Ctc/DN%20113/d15lcW04/MWNWGJqrkxZN2QljLr8JnXmW3mxgk34PG7klN6klYWJ3q905V1-WJV7CgF26W1HJDS947PWYrW4PJHN63wrqq1W2YGQxQ2ZjxQDW50BkGn1J_-xkW7T6Yd33Vql4LTCvmm4Nbm85W3051fd1xhxplW5qBS8c8w103rW2M_TNS5Cn2PgW67cP8Q2PzQ-cW1vJCSB4RHc0QW2nWtc13WbMfCW1rGGZc3YZCVpW6l-9LW27dhHJW6K1TcW7sLh0YW7gSpHD8r1PnmN8cXNQ8GcqMVW2xtmYY4D4mlVW491n604Qd_TZW2SSGh26vh8hZW6pV40k6k8mSNN3Q-jF5DF_XcW95JNWv5Bb8dRW8927BT4nqWhT39MG1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame AD21 32 KB
18 KB 58ms
57ms XHR
application/json 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c70c7f5bb5281b1ec82f1009d84a0ffa804103e19f33407c2deff6f7c4426fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=2ujgown3fo8f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18493
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 08:23:20 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg... Frame 5D69 153 KB
54 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e66f56d5ec2d2644d187fef977d63bda0bf8ca42a21b74564ac7067f0c0f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55211
x-xss-protection: 0
last-modified: Sat, 03 Sep 2022 01:40:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 16:22:33 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 0ACE 156 B
522 B 570ms
189ms XHR
application/json 54.148.34.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.34.38 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-34-38.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6eb4f0aaf268e7b446a1ec2a346df2727212cbb81b6d61ed9b64216fc9aba631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 conversations-visitor-ui-lang-nl.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13109/ Frame 665C 12 KB
5 KB 27ms
27ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13109/conversations-visitor-ui-lang-nl.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1833c86fdb561b4c0e3252e3867a61c70f3043a19f22c81edb9e1491eaf3b47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1104003
x-amz-server-side-encryption: AES256
cf-ray: 746e0aaf0e679b37-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 20:37:16 GMT
server: cloudflare
etag: W/"6f0191d748190361bf0bbb48b73e9d71"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daa2ezBi3%2FXfCVfKrngsoOHOpl2mlDSzDKOipsYew80RkOTBseNDtAvhxp6U7NggqZF%2FcKVWFePZikMZL5gwTVYI5ps%2F3VYLfAvaLkd7LXgCJvwjc6WdjM%2BqBQZ1%2Bj8QQdhkT6fx%2BtK51uBlCOKkG21oyrg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: _lf7manRFANpD5pjrcKqWlw9TIomo80G
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: gKhoU14fnKZW1l7PVMqM3z-ITNfhFZYdKYM6sWS17Spb2PXZREqh-A==
expires: Thu, 07 Sep 2023 08:23:20 GMT

GET
H3 200 I18n-lang-nl.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13109/ Frame 665C 749 B
1 KB 27ms
27ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13109/I18n-lang-nl.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f83f19cb754987b110db0244e8091093a2e6a934fe4719ed6a673f5db9bb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1104003
x-amz-server-side-encryption: AES256
cf-ray: 746e0aaf0e699b37-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 20:37:16 GMT
server: cloudflare
etag: W/"1ba10fbc985a56631f10d4b6e9cbc01a"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWNLCqySSlSJCVZMzUtwLil9Bikl7H35mTUycrH6nYd6QvwB3abaV5NgIBKzUB5zieuAAOdVFQvRVugDmAlDc8PDmVRggYlUOd1dfrZOMh10AmSHgmEVIutwdiIl5FVAYUvmKPB9fsc82wN5yORYVMOHBcM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: kVjq2eDMs_dotqqqKyV_AUcZC92VvPr8
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: teU0xyavYsv61_9p0D6PKK01tCPTVqpW_5RGsZIHXzqTfmMd3mZURw==
expires: Thu, 07 Sep 2023 08:23:20 GMT

GET
H3 200 i18n-data-data-locales-nl.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13109/ Frame 665C 2 KB
1 KB 25ms
25ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13109/i18n-data-data-locales-nl.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae5ebba3039160e272b9c44cb452edad3abf50cb1c853f68ae72119be3e9f3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1104003
x-amz-server-side-encryption: AES256
cf-ray: 746e0aaf0e6a9b37-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 20:37:16 GMT
server: cloudflare
etag: W/"49665580a18e3d92739b73cb00b2fdd6"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRBmq9WdK9T82H%2Fi%2BQJBZ8aHh5v8XKG4e%2FFStis3%2BuM8GMUE%2BpAzRZJWbMFAimJDu53DyCDcfNlBtg%2B9MTar%2FjSxPFYCLlmr6cZHKODxwQuBr3g9WoRrEgH5xmKN8O1dAtFk0oRgRmlviwpPE4Xlw39MWuo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: Hm52zVa7MdSxmEsyV_cytEoIs_Hw5fqp
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: xox1Hw-SuQEYhw0erkdGo2pFu2JLepdK32z2EHB-qQOHg2eo1i-XPQ==
expires: Thu, 07 Sep 2023 08:23:20 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VX-... Frame 5D69 78 KB
28 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VX-cddxg5yk.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgf8snQnX4TMNUJV_65vjlCXotXfg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7d994390586193769bc6c23716ab7af4d248c62bb73ed8c36f07bb71c21a864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28844
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 02:25:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 16:22:33 GMT

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 665C 0
1 KB 145ms
145ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13130

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/9343506/threads/utk/eeada1ff17164ab7aee847a4a5a35b8a?uuid=6d02b0ffeeb9448a96f1a438071cef84&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=pegamento.nl&inApp53=false&messagesUtk=eeada1ff17164ab7aee847a4a5a35b8a&url=https%3A%2F%2Fwww.pegamento.nl%2Fbartimeus-fonds%2F%3Futm_campaign%3DPers%252Fnieuws%26utm_medium%3Demail%26_hsmi%3D225236351%26_hsenc%3Dp2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg%26utm_content%3D225236351%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hubspotUtk=ea4a49825475933b1b23ba97302afb50
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 55da7f2f-e51d-4647-b7ce-7a0bd5443804
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EP1ZrU4fDgUj%2BdP1XqNfvig2vVII4Aa6B61XXA0wNbWy1PfI5o5hJQn3kW4bt%2B4ZXjIKv249zgWCknqHxcnuk0V7JMYMWACF1HbnqB7quI6kaSuiUFkfsOjFzhzE9%2Fabw5ElR1XrHPx6t24SSA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 746e0aaf5933693d-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5D69 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VX-cddxg5yk.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgf8snQnX4TMNUJV_65vjlCXotXfg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4880
date: Wed, 07 Sep 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 09:02:00 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 5D69 1 MB
353 KB 88ms
87ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad7d1021b84a1d5e833cf5553a6de457a9362b7f0ec5df72eab3bda56de5f53c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-J-iaVtUKZL4ILvHR2_AEMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Wed, 07 Sep 2022 08:23:20 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-J-iaVtUKZL4ILvHR2_AEMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
expires: Wed, 07 Sep 2022 08:23:20 GMT

GET
DATA 200
OK truncated
/ Frame E63A 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b4fbdc82f135a08fab5643804fc02fcedfe59da66d27949525c9f3c09f7fca8

Request headers

Referer
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VX-... Frame 5D69 18 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VX-cddxg5yk.L.B1.O/am=BoA/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgf8snQnX4TMNUJV_65vjlCXotXfg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0a536763eab4fdef0aa6a65666b27776bc7f0da25f771d863e1466e185aa49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7418
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 02:25:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 16:22:35 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VX-... Frame 5D69 37 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VX-cddxg5yk.L.B1.O/am=BoA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgf8snQnX4TMNUJV_65vjlCXotXfg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46f27e7e217aa28e85cdefd8203f4a2f72e697ba15288d74d80af96bac465bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14026
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 02:25:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 16:22:35 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5D69 131 B
155 B 74ms
35ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 07 Sep 2022 08:23:20 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 81ms
26ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Sep 2022 08:23:20 GMT
expires: Wed, 07 Sep 2022 08:23:20 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 5D69 131 B
155 B 92ms
55ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 07 Sep 2022 08:23:20 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 80ms
28ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Sep 2022 08:23:20 GMT
expires: Wed, 07 Sep 2022 08:23:20 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 5D69 131 B
155 B 70ms
34ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 07 Sep 2022 08:23:20 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 77ms
28ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Sep 2022 08:23:20 GMT
expires: Wed, 07 Sep 2022 08:23:20 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 5D69 131 B
155 B 63ms
28ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 07 Sep 2022 08:23:20 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 74ms
29ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Sep 2022 08:23:20 GMT
expires: Wed, 07 Sep 2022 08:23:20 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 5D69 131 B
155 B 66ms
29ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 07 Sep 2022 08:23:20 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 70ms
28ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Sep 2022 08:23:20 GMT
expires: Wed, 07 Sep 2022 08:23:20 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 rum Show response
donorbox.org/cdn-cgi/ Frame E63A 0
100 B 39ms
39ms XHR
text/plain 2606:4700:10::ac43:2a18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2a18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://donorbox.org/embed/bartimeus-fonds
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://donorbox.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 746e0aafef839b52-FRA
vary: Origin

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 189ms
189ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
443 B 183ms
139ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pegamento.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 4fd8fa7f-6814-4ce7-b7ee-86cbac814edf
x-trace: 2B63C5284A7931E22B82C42AB9A2333B1D4FABD659000000000000000000
x-robots-tag: none
vary: Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 746e0ab04d005c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8B20 0
18 B 64ms
30ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.pegamento.nl
Referer: https://www.pegamento.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.pegamento.nl
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 08:23:20 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 log Show response
play.google.com/ Frame 5D69 131 B
155 B 66ms
36ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 07 Sep 2022 08:23:20 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 56ms
35ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Sep 2022 08:23:20 GMT
expires: Wed, 07 Sep 2022 08:23:20 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 189ms
188ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 189ms
188ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 189ms
188ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 189ms
189ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html Show response
js.stripe.com/v3/ Frame FFCF 778 B
2 KB 32ms
32ms Document
text/html 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e8476f27502506bbfd211fcb1787c16ae8f1fbf0c1147344ce0d96c028652a94

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2501
cache-control: max-age=31536000
content-length: 778
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 07:41:41 GMT
etag: "3c688532414f303a457e03e6e9b84c8a"
last-modified: Tue, 06 Sep 2022 18:34:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
x-amz-cf-id: 5P5HmCyB6P8r0q2wE1EBW82oMgsZ7k12Idm9djsV7YoksQSAj2MKBw==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 log Show response
play.google.com/ Frame 5D69 131 B
671 B 83ms
38ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9b8Nx90lFmM.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSuOt9tqUTkNYyFqb5gchlLOHIqQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 07 Sep 2022 08:23:20 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame E63A 1017 B
2 KB 185ms
185ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

990edc878e90eb0e525c04d5ab43da4504d92c41914d6c3bc99a980a2e4ca1c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://donorbox.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f15411101c387
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4066-HHN
traceparent: 00-0000000000000000000f15411101c387-d3edfd3d91b0670d-01
x-timer: S1662539001.556711,VS0,VE167
etag: W/W/"3f9-q+ZKNKdwdVuQ5tp/yPfRIKE5k1Q"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://donorbox.org
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 190ms
188ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 191ms
189ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 213ms
177ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://donorbox.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://donorbox.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 07 Sep 2022 08:23:20 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f249136ff3356
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f249136ff3356-dcbe2fd064415ebb-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4066-HHN
x-timer: S1662539000.378268,VS0,VE159

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 190ms
189ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame FFCF 0
570 B 187ms
186ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FFCF 0
570 B 187ms
187ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Sep 2022 08:23:20 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame FFCF 19 KB
4 KB 33ms
33ms Stylesheet
text/css 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 19
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:12 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:01 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: ukDOvh6R49broZbTt-Pf8J9jkw0pu-3lExzzy5PjrlOJd5eK0EjAew==

GET
H2 200 elements-inner-payment-request-26eed73b44e3eaad615d4f2c80585ee4.css
js.stripe.com/v3/fingerprinted/css/ Frame FFCF 8 KB
2 KB 35ms
34ms Stylesheet
text/css 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-26eed73b44e3eaad615d4f2c80585ee4.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1bde49a256e3555d2964b7ec58ef91bebd056a71b20853c80c72bcad6c9ba4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 16
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:09 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 19 Aug 2022 19:21:10 GMT
server: Cloudfront
etag: W/"3218fcec46163e32ff982e451a3589ad"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 4WbkxJa5wd12Ng3uZHnl8pOEwoX110BXGUteJxYLtqApofd59P40aw==

GET
H2 200 shared-d04048382d85e50076b5ffe5e2f749f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FFCF 264 KB
63 KB 34ms
33ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 22
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:04 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Cloudfront
etag: W/"e837fe1e00d602448ad55f845b8382b6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: 0bCQQU6cmdzNAmsy4E3UJhxvvg17xxwPSHHNXMbcv-ihXS05fZRI2A==

GET
H2 200 ui-shared-da0d5b706c1e1e84cfaba2439ce7c488.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FFCF 202 KB
59 KB 35ms
35ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-da0d5b706c1e1e84cfaba2439ce7c488.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1aa6e908cce067eda3ecc67b493bd30a6ed61ff791b475cd4b8ca42cb718189d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 48
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:22:39 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
server: Cloudfront
etag: W/"090fde197421fa4da5a440a773057df2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: eTuaP7rHrQmgMoe2-fmw6a8wDQT9N4IQa6e6SdDpSEeG6cjzXWpeDg==

GET
H2 200 elements-inner-payment-request-8c1f8531c917e4c85ca41cebeec76304.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FFCF 44 KB
13 KB 37ms
36ms Script
text/javascript 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-8c1f8531c917e4c85ca41cebeec76304.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f9c3f88812b49b97e0ff3087624abaf17d4853bab341db5b07e82d15e1e19453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 15
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:09 GMT
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 18:34:36 GMT
server: Cloudfront
etag: W/"99c9c282fa252cac9efeb38ccab86bee"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: bMtj6c6SBKe45qW9JYffCC02Pq-9WdBwCPZH3W4Rw0BU4BHOsrbggg==

GET
H2 200 nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame FFCF 69 KB
16 KB 36ms
36ms Fetch
application/json 99.86.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/nl-21ca1fd2bd0a69e0c2428af8cd231c5f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-126.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3c688532414f303a457e03e6e9b84c8a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 19
x-cache: Hit from cloudfront
date: Wed, 07 Sep 2022 08:23:19 GMT
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 19:46:02 GMT
server: Cloudfront
etag: W/"21ca1fd2bd0a69e0c2428af8cd231c5f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: VIE50-C1
timing-allow-origin: *
x-amz-cf-id: Uzvc8aPCn0iCdcFd0-DlhLbPP5YJRATe6EyIug85D4dfttT2j_HKBw==

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 189ms
188ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 190ms
189ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D6B9 0
127 B 190ms
189ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d04048382d85e50076b5ffe5e2f749f4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Sep 2022 08:23:20 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Domain: donorbox.org
URL: https://donorbox.org/embed/bartimeus-fonds

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 10:08:11	Name: _GRECAPTCHA Value: 09AMjm62X5_7EJWqf1dqLc78RlWnuUIBrEuet19pdCgzZPaqbCqlBlEwPU_N9ZFoHFFK_EJNohWAK3JNCGJ_9aMZY
connect.onlinesucces.nl/	1970-01-20 15:24:58	Name: logger Value: 8f685f842a380853d2f499ffc273b8e4
.pegamento.nl/	1970-01-20 07:58:34	Name: _gcl_au Value: 1.1.1932969929.1662538997
.pegamento.nl/	1970-01-20 15:24:58	Name: _ga_RFFCWKQRHX Value: GS1.1.1662538997.1.0.1662538997.0.0.0
.pegamento.nl/	1970-01-20 15:24:58	Name: _ga Value: GA1.2.925176585.1662538997
.pegamento.nl/	1970-01-20 05:50:25	Name: _gid Value: GA1.2.762472088.1662538997
.pegamento.nl/	1970-01-20 05:48:59	Name: _gat_UA-138328043-1 Value: 1
.doubleclick.net/	1970-01-20 05:48:59	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 06:32:10	Name: UserMatchHistory Value: AQK9XtJ_8X6nvwAAAYMXC996u03aRy-k4J_4lxBXBVKxfc4Wr4sOIFn3gQZAMYFuQh5cRK0_TrPYtQ
.linkedin.com/	1970-01-20 06:32:10	Name: AnalyticsSyncHistory Value: AQK8Lx3vYijvPwAAAYMXC996TPlnoWve57ErZSqMDi72WOqSWsLa6tsoPBEYUm65gBFa9smqatILSfrcuBK8kA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:34:34	Name: bcookie Value: "v=2&06f6df4f-84bd-463e-86cd-3cdcb82b0507"
.linkedin.com/	1970-01-20 05:50:25	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2678:u=1:x=1:i=1662538997:t=1662625397:v=2:sig=AQHbMdaGf_O7vFtx83OaMX-PNKlD6AxP"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:34:34	Name: bscookie Value: "v=1&20220907082317f77ed5f2-d672-48de-8744-69cbf708bc94AQGbbIp9DGjGPkMhNHk-1yIjj-P9O04a"
.linkedin.com/	1970-01-20 10:08:10	Name: li_gc Value: MTswOzE2NjI1Mzg5OTc7MjswMjGcWwn1NJ3He+ir9E/K81l9+7nlu2rQnNL/aG11z7+2WQ==
.pegamento.nl/	1970-01-20 10:08:10	Name: __hstc Value: 267206801.ea4a49825475933b1b23ba97302afb50.1662538998303.1662538998303.1662538998303.1
.pegamento.nl/	1970-01-20 10:08:10	Name: hubspotutk Value: ea4a49825475933b1b23ba97302afb50
.pegamento.nl/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.pegamento.nl/	1970-01-20 05:49:00	Name: __hssc Value: 267206801.1.1662538998304
.hubspot.com/	1970-01-20 05:49:00	Name: __cf_bm Value: iNv0d9BOgzjPIAnFY5RYHhVubdh2yyjETvLM6XkwftY-1662538998-0-AWyFHNnCDQ+KT27oIvPme2/KXosjPc0INCjvghsXQRR9pZQLtYGpxyNV2jduWjwFLlNNe7fzeW1Kn16ng75Z2qA=
.google.com/	1970-01-20 10:12:30	Name: NID Value: 511=EJHqI3lQCvu2xTEuaDp4q2ndRwgc4ZK2TEKhCAaUu5wGXx7lGSQbaBGHUP3CZq6FYf2RvPKPmf21lUU1YOE_a4rw0MMktYj6RqdOINJuOL9PAjcFlp05_EIowZXPLq8ITmWP2jndR5YN0IzlqAVc8fr2CrhocTtTO53rRv9iySs
.paypal.com/	1970-01-20 15:24:58	Name: ts Value: vreXpYrS%3D1757233398%26vteXpYrS%3D1662540798%26vr%3D170be4c21830a8a358e7d540ffffffff%26vt%3D170be4c21830a8a358e7d540fffffffe
.paypal.com/	1970-01-20 15:24:58	Name: ts_c Value: vr%3D170be4c21830a8a358e7d540ffffffff%26vt%3D170be4c21830a8a358e7d540fffffffe
.donorbox.org/	1970-01-20 05:49:00	Name: __cf_bm Value: tmJ9nf8D.zdmMjCMnEOB8Y4Bnpat8_nEcQQUOTdd.20-1662538999-0-AemcGKVDjeXnpdj2ws6q/FfisTQBzi+qK60xDeCi9gKk2VTKVjiboHuYDfFu87s2sx4OBDYGc3RWruqJlL/++Ttqska5WDOaRJLsU/aOgT2LnGNNqokbyAavr+yxB9iMQQ==
.pegamento.nl/	1970-01-20 07:58:35	Name: _fbp Value: fb.1.1662538999783.1116344681
.pegamento.nl/	1970-01-20 10:08:11	Name: messagesUtk Value: eeada1ff17164ab7aee847a4a5a35b8a
m.stripe.com/	1970-01-20 15:24:59	Name: m Value: 1cf70d0e-c0fa-43d9-9b0e-aefc5cfa31e0a346d9

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.onlinesucces.nl/js/efc/efc.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.onlinesucces.nl/js/efc/efc.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://donorbox.org/widget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://donorbox.org/widget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Message: Failed to decode downloaded font: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff2
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Message: OTS parsing error: invalid sfntVersion: -2147363055
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Message: Failed to decode downloaded font: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff2
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Message: OTS parsing error: invalid sfntVersion: -2147363055
javascript	warning	URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://donorbox.org/widget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://donorbox.org/widget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://donorbox.org/widget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.pegamento.nl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://donorbox.org/widget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email(Line 417) Message: Failed to decode downloaded font: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff2
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email(Line 417) Message: OTS parsing error: invalid sfntVersion: -2147363055
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Message: Failed to decode downloaded font: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff2
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Message: OTS parsing error: invalid sfntVersion: -2147363055
other	warning	URL: https://www.pegamento.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.0(Line 1) Message: Failed to decode downloaded font: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff2
other	warning	URL: https://www.pegamento.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.0(Line 1) Message: OTS parsing error: invalid sfntVersion: -2147363055
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Message: Failed to decode downloaded font: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff2
other	warning	URL: https://www.pegamento.nl/bartimeus-fonds/?utm_campaign=Pers%2Fnieuws&utm_medium=email&_hsmi=225236351&_hsenc=p2ANqtz-9uClq2RJ9Roltp7v6MlAjOh-iOx_Se0CQuUDfyBMqovtr9yvy6pGVSqANUew_snqielD0gRLAFewfM-aI40AOpM7ecaruLJYNl2E9P8JtB1fLAeBg&utm_content=225236351&utm_source=hs_email Message: OTS parsing error: invalid sfntVersion: -2147363055
other	warning	URL: https://js.hsleadflows.net/leadflows.js Message: Failed to decode downloaded font: https://www.pegamento.nl/wp-content/uploads/2022/01/AnyConv.com__OpenSans-Regular.woff2
other	warning	URL: https://js.hsleadflows.net/leadflows.js Message: OTS parsing error: invalid sfntVersion: -2147363055
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
app.hubspot.com
cdn.onlinesucces.nl
code.getmdl.io
connect.facebook.net
connect.onlinesucces.nl
d15lcw04.na1.hubspotlinks.com
donorbox.org
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
snap.licdn.com
static.cloudflareinsights.com
static.hsappstatic.net
stats.g.doubleclick.net
t.paypal.com
track.hubspot.com
truncated
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paypal.com
www.pegamento.nl
www.recaptcha.net
donorbox.org
truncated
13.107.43.14
142.250.185.162
151.101.1.35
151.101.65.21
2001:4860:4802:32::36
2600:9000:2057:f800:19:7d10:bd80:93a1
2600:9000:206e:d600:7:afd2:7080:93a1
2606:4700:10::ac43:2a18
2606:4700:20::681a:331
2606:4700:4400::ac40:9a55
2606:4700:440e::6812:2fe6
2606:4700::6810:5605
2606:4700::6811:46b0
2606:4700::6811:72b0
2606:4700::6811:7d2
2606:4700::6811:80ab
2606:4700::6811:c9cc
2606:4700::6811:d2cc
2606:4700::6811:e9cc
2606:4700::6811:eecc
2606:4700::6812:1e69
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2013
2a00:1450:4001:831::200e
2a00:1450:400c:c07::5c
2a00:1450:400c:c0a::9c
2a00:1450:400e:80c::200a
2a02:26f0:10e::6860:5baa
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
54.148.34.38
54.187.159.182
80.94.91.28
99.86.240.126
007f56dd14f42b63eb5a58654189e74e8b118af954e4a10b13170dc9ad40e09b
0240d981db324a351db5606296ef89cbbfd58f80c7eab1cb9884e7b1fae337ac
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06040ab5e95464c8027382b37d126569fddd3e2ca3f0e339b7308a0789852a19
07c2368d85b0d08f0af8a017c057c5ef6a3c835c99e48b8a9e539f7be99506c2
084923fa090cf4836b8300ff11b03022886ede9df52f76263f6254beebf5dcfa
0c2d44d4ef3f14eefd935acbc3a3a1b8ee462693c9bbbd96eca177b95fd98032
0e73bcdd5b0a148f94426936a6f6a7d1264308ee3e6c4bb683a0296a862c1e45
0fa7ec6c87f11b8fa1487e84723d86b2e84797661379884ad6c358f8c824ecbf
10c13ec0c8fd86774c7ac8dece28cf17ecbe6b59febb16b204baf4d3ec66585e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f5c42699d3958ae4233c0fbb6ea874cb6d5c7211a0f9709303e3a6ffb75c30
13585a323a184c14d9902621b7bb9594c50f78397a772715683825ae1dd427e7
1590f52adb0ff3eb1a5d0c1a0ef0c1f60d8451c3510fc44bd316919e5daf705f
1833c86fdb561b4c0e3252e3867a61c70f3043a19f22c81edb9e1491eaf3b47e
1aa6e908cce067eda3ecc67b493bd30a6ed61ff791b475cd4b8ca42cb718189d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bde49a256e3555d2964b7ec58ef91bebd056a71b20853c80c72bcad6c9ba4ae
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29c961d257f40c844151a90318935f2ee0a9a426b3b94b76a2bd3cc94cacb580
2b4fbdc82f135a08fab5643804fc02fcedfe59da66d27949525c9f3c09f7fca8
2d2c44d306bebe99b644ddf549cf9e1b903b74a23722a2160df230678e772362
2fe4ebc7d6c80f5569cbc313e339a1bab66d10b3369638ab46dd37e5e2c02b49
3205e098c0da41289eabe6cd80cb0f0227250af83930763e956cbeb2141c2ede
338be55e09986b74b0abf67ba0d09e117698bc411529b3da8f0783a349461bdf
3444cd05f786fc062fcb5c164604566935c9c5b25706eeab6189b3a0f37d058d
3668ea9372c9d814da730d2e3e0a01183123871124a70c0fba3803c77d68ec78
369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429
38a5240977bd9ad3a985943cb38addb85404f5ae1b8a3c9538251bcf13726615
399a58cb8e54552de5db05b0756f5896744d4d827c7dfdb7355ca2ad274f293b
39f83f19cb754987b110db0244e8091093a2e6a934fe4719ed6a673f5db9bb78
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
446a1e15818ad492348384cfb62ee4c09674e5ffb8ec3296ef5170242bb24b9b
4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175
46f27e7e217aa28e85cdefd8203f4a2f72e697ba15288d74d80af96bac465bb5
47865a20990325193674cc833ba07c4cae9c59946f571695019f0ffa4f0d6182
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
47ab36282ec622a015d9a3b296cd2a8910463f537809d1cc9bec804394b5db88
4af9c69352b526533d79eda7beb0be5b2ad605a548eb9c0eefe510bd46bd344f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
516537ae76dfbf9b6dea21b9de2ba86c2758b7b071da0d59a17ba06e2dfdfa04
543ceb846af6fbfff9fc58f1e53994f3f191116c51ca95de3ce75d675c50ea66
57e60775734f76ca00b78ddb75733c7255e17617d1d3b0730c44577c92d2e5b8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5c70c7f5bb5281b1ec82f1009d84a0ffa804103e19f33407c2deff6f7c4426fa
5d384269f927c9423b2dc9374986bfbb69985acd5f0b22ffff5ea5ecc1b221af
5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088
6067674fa9b4572cb9d0835c64d9fbf637ea3045b4864ef4a5ee8fc278f3999c
62030bea6efa6342975afe088a81c0921dcaf68a0f998d9f293be4c175cbb2cd
63820a7a652f16a10151f42afc460489b6356e87323348b2d27534060430fc9f
643003095027cb25cda505f2f75691bdfff496da9de7650b3b2bc590a5e3360f
644fc549673b2599735f629cc86675d314a75af51e6aa85d28c7efd14c0e6372
6910c72e830f24f75a1b618693e768e71f2d892300fe232422f972149b7e2bc8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b096b47206d8f78a2c49af2f2ae46b35d93b0e3cf105a9febef59144aa2eae2
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6eb4f0aaf268e7b446a1ec2a346df2727212cbb81b6d61ed9b64216fc9aba631
732cb2f43a282d343cefc0aa9ea7b80c1a7971f1e70c29ce94b483c1030b2d42
73a8a5808e5216330c08a08811fe34f96cbdd2311888679b35b951f22137d652
749a21f6e8e5ffe3df34cb61b47310d2cb6bc942eaf018b0b27aaf1c6e80f6a1
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
7e199aa277cc52f2c8153b60d26faf7b40b9f91961ebb43b15e26fbe43c06d39
818bb8dd7789e61530b541504fde932dac3deaef14d12e2af0e7cde78bf3bf1e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d46d1a8ae8cc48bd65682aaf16b405019423260c5cf18fa415f4e631260b05
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
895b93834ec33ab0982acaeff29b5569e0c4366850fceef5cfd96dc763b59e40
89830402b29eb63be8a18419c458f153d888f4938a4b6ff95a9ec190c61bfc2a
89e371794fbc7b7f610cdeeb0a477df0dc29c62cd47d57a294a3f1971980a402
8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5
8ef7992b27b828250af5b535a7023abcd85a5da183106300bdb2b6239ddc2e4c
9028691aaafdcbba25e0fc8e7867044e86dd25efad1f9edeb848499babfea23a
93378c6a055ba88a98e4103e5e69223de732a96d649bf122de263af0748c639c
9756e1b2851d0d938d30b35109ca95cd3f33ab087e8b9dba17f1bd8c12a4caec
97e66f56d5ec2d2644d187fef977d63bda0bf8ca42a21b74564ac7067f0c0f39
990edc878e90eb0e525c04d5ab43da4504d92c41914d6c3bc99a980a2e4ca1c3
9c5068a61a1da743ae6459cd247b2e228a23bd80999483e0f2fc9f72c11e8528
9f9c20e7e3fa6dc6a21aaa3e9b025d2b734d4def2dd4fdbbb37cea01f1848075
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a36de6b0ef529172864e55bd6e6c062b6a304b1fbbe4e168f499aaf7f3f7a6e9
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6576970f7ccdb903816119d6a5c9160f207325bec9d3023307dd6f4e6361734
a94a4de367870ba6bf0979c8edd088e26a127a654965e9547d72072dc3a40bec
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7f07d2c342be5bc2dde8a358ddbf84adf615590e22bc2a5a0cde7daee383a1
ad7d1021b84a1d5e833cf5553a6de457a9362b7f0ec5df72eab3bda56de5f53c
adc89d7d695381bf2118da87e677a2af4057f40e466cf6c1a9af963d3921e1e4
ae5ebba3039160e272b9c44cb452edad3abf50cb1c853f68ae72119be3e9f3db
af68ebf6a7e9544b12f6134f6873e932aae8ab2528d8871d6145885485fcc032
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba5fb2839222a6f49aeb183317ecb19b2b981036dc8128835e919ed2db0ee525
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba35e873ab92d5adc84eb44a10eff36abd2655d2f073f1ef8fa613643be9efc
bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c29b5913f8f57a885d8771462403f55628dbd303c3d834cc6d57a3202bf1c9d1
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c4b2b3df0cdb9d07c450b124ef2604b8f2da51420e5d0ff3553050abe724865f
c7e0724aaeddd01df73399c5b8ed4f242b7e9097fc0cc614d09aecd862776661
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1e2037c801129941a039a6ea86c44555b13177dcc8f10f597218ffc5d93919
cea167bdc8fd6def0e923edf2e39603639425d5b2d579afb17eae4f7f6714f7c
cee816e05fe74101b3996fa55f60eb337c76c60c24bcd1667f60f8a219d92d73
cf7ace042a58610df90fd0b5cdaabb5c97ab24fcc40494a81289250e55335af0
d0a536763eab4fdef0aa6a65666b27776bc7f0da25f771d863e1466e185aa49a
d28cb39d6d318b23e2fb5fe1810b77e7f0229479b4765bdb5214d2e59e70d47f
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d52fec3df6843f849c42f7c9ae0f21a93db5dd16a9f867eeda3469d557381abe
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
da5f4a5bfc99cc46e4d44de57ef67ba975c6700e7de05ec398c5ad029ebea6eb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd1552183732ebda25cb0cdd87314fb2f23a25baf59222d2c3b94843f7155e91
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e2282fda0bef9572effb5f14bcebb37829a405cf99e857534bf44a94d06e8d3e
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e32f2a67cbc4ca6db906c65cecf763a595bf6a701f7dd5bcf49cb8727719b0c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e403a2b0fec3d21d154e033a7f3410b42318c2ffe673e77a25733cc226ce2db6
e7d994390586193769bc6c23716ab7af4d248c62bb73ed8c36f07bb71c21a864
e8476f27502506bbfd211fcb1787c16ae8f1fbf0c1147344ce0d96c028652a94
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f618eb6286efd77c2eeb7f72f74829635555e38720c2d1fffbe2f20925252299
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f6e7178a181c0843cb1b48b0bc94d10b2159fe5fcd5c67280e133ea0aaf4e1cc
f7b06b3c13d68df5df7b2f13e9eaeab6c910b4a32cd3e3c21ba682ad42bc21b6
f9c3f88812b49b97e0ff3087624abaf17d4853bab341db5b07e82d15e1e19453
fb589a6f94e84785a635a878f08562c973eb46bc5b553d55acf0373c7363ff08
fbb15691847a9d00cccde29feffb123265276d22f209d0371183dd19af854a89
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fee061e427ed1ebeb56c7e0d1ae9417b82924fa49389d39794d76033a3d39287
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.pegamento.nl Open in urlscan Pro 2606:4700:20::681a:331 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

279 Requests

99 %HTTPS

82 %IPv6

34 Domains

49 Subdomains

45 IPs

6 Countries

7913 kBTransfer

19729 kBSize

28 Cookies

4 Outgoing links

Page URL History

Redirected requests

279 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pegamento.nl Open in urlscan Pro
2606:4700:20::681a:331 Public Scan

Screenshot
Live screenshot

Full Image

279
Requests

99 %
HTTPS

82 %
IPv6

34
Domains

49
Subdomains

45
IPs

6
Countries

7913 kB
Transfer

19729 kB
Size

28
Cookies

279 HTTP transactions
7 data transactions