soutenir.msf.fr Open in urlscan Pro
2600:9000:206e:fc00:11:7c4b:83c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.mdz01.fr/c/ixe/LUh/cngVANiofDgAL5hX5ZNOcy/Fq/FXnM6/F/535ec0b1
Effective URL:
https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft...
Submission: On December 19 via manual (December 19th 2022, 8:54:08 pm UTC) from US — Scanned from FR

Summary HTTP 140 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 16 domains to perform 140 HTTP transactions. The main IP is 2600:9000:206e:fc00:11:7c4b:83c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is soutenir.msf.fr.
TLS certificate: Issued by Amazon on September 7th 2022. Valid for: a year.

This is the only time soutenir.msf.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.126.250.255 176.126.250.255	47544 (IQPL-AS) (IQPL-AS)
1 1	13.69.68.37 13.69.68.37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	147.135.137.195 147.135.137.195	16276 (OVH) (OVH)
2 50	2600:9000:206... 2600:9000:206e:fc00:11:7c4b:83c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
13	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	2600:9000:210... 2600:9000:2104:3800:5:e00c:b700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1b55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4013:c07::5c	15169 (GOOGLE) (GOOGLE)
5	52.47.181.161 52.47.181.161	16509 (AMAZON-02) (AMAZON-02)
2	13.32.110.75 13.32.110.75	16509 (AMAZON-02) (AMAZON-02)
1	52.49.17.168 52.49.17.168	16509 (AMAZON-02) (AMAZON-02)
24	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	34.107.143.101 34.107.143.101	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:8800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.239.165.78 44.239.165.78	16509 (AMAZON-02) (AMAZON-02)
140	20

1 176.126.250.255 (Poland) 1 redirects

ASN47544 (IQPL-AS, PL)
PTR: 176-126-250-255.rev.iq.pl

links.mdz01.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.68.37 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.ar-mtch1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.135.137.195 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3078391.ip-147-135-137.eu

ubc-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ubc-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2600:9000:206e:fc00:11:7c4b:83c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

soutenir.msf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:3800:5:e00c:b700:93a1 (United States)

ASN16509 (AMAZON-02, US)

monitoring.iraiser.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c07::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.47.181.161 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-47-181-161.eu-west-3.compute.amazonaws.com

t.wizaly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-75.vie50.r.cloudfront.net

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.17.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.143.101 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 101.143.107.34.bc.googleusercontent.com

dcinfos-cache.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:8800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.165.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-165-78.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	msf.fr 2 redirects soutenir.msf.fr	1 MB
47	stripe.com js.stripe.com — Cisco Umbrella Rank: 982 q.stripe.com — Cisco Umbrella Rank: 6290 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5976 r.stripe.com — Cisco Umbrella Rank: 4101 m.stripe.com — Cisco Umbrella Rank: 976	428 KB
17	google.com pay.google.com — Cisco Umbrella Rank: 2681 play.google.com — Cisco Umbrella Rank: 15	400 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 403	126 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	119 KB
5	wizaly.com t.wizaly.com	26 KB
3	abtasty.com try.abtasty.com — Cisco Umbrella Rank: 8133 dcinfos-cache.abtasty.com — Cisco Umbrella Rank: 9522	95 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1099	16 KB
2	ubc-tracking.com 1 redirects tracker.ubc-tracking.com	2 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 672	295 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	iraiser.eu monitoring.iraiser.eu — Cisco Umbrella Rank: 993111	274 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	116 KB
1	ubc-offers.com 1 redirects ubc-offers.com	319 B
1	ar-mtch1.com 1 redirects r.ar-mtch1.com — Cisco Umbrella Rank: 174135	411 B
1	mdz01.fr 1 redirects links.mdz01.fr	373 B
140	16

	Domain	Requested by
50	soutenir.msf.fr	2 redirects tracker.ubc-tracking.com soutenir.msf.fr
24	r.stripe.com	js.stripe.com
13	play.google.com	www.gstatic.com
13	js.stripe.com	soutenir.msf.fr js.stripe.com
8	q.stripe.com	tracker.ubc-tracking.com
8	cdn.cookielaw.org	soutenir.msf.fr cdn.cookielaw.org
5	t.wizaly.com	tracker.ubc-tracking.com t.wizaly.com soutenir.msf.fr
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com tracker.ubc-tracking.com www.gstatic.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	try.abtasty.com	www.googletagmanager.com try.abtasty.com
2	tracker.ubc-tracking.com	1 redirects
1	m.stripe.com	m.stripe.network
1	dcinfos-cache.abtasty.com	try.abtasty.com
1	fonts.gstatic.com	fonts.googleapis.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.googleapis.com	soutenir.msf.fr
1	monitoring.iraiser.eu	soutenir.msf.fr
1	www.googletagmanager.com	soutenir.msf.fr
1	ubc-offers.com	1 redirects
1	r.ar-mtch1.com	1 redirects
1	links.mdz01.fr	1 redirects
140	23

This site contains links to these domains. Also see Links.

Domain
www.msf.fr
www.iraiser.eu
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
o.cafrance.fr R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
soutenir.msf.fr Amazon	`2022-09-07` - `2023-10-05`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-12-15` - `2024-01-11`	a year	crt.sh
*.iraiser.eu Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
t.wizaly.com Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
try.abtasty.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
dcinfos-cache.abtasty.com R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 7 frames:

Primary Page: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Frame ID: 3FC217279CDC3A1EB891AEB522442C71
Requests: 71 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-c3d8f39ab4737de969e208051aa024ba.html
Frame ID: AEF276C0DD46319EC2E24FFFBA51BF03
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-d42b6196060b8773f984523bc42ac07c.html
Frame ID: E1C5CE1D9CD97C68B36713260083BED4
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-3dcab663bbec6fb90fd63c763ba3517a.html
Frame ID: AFEAD4B8225D071ABCE57B1B922F0974
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: A3437A49C419032EAFE738243FF7E9F4
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: FF64D34C6B69C95052075E79990413E7
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B73737516FDF20BC400DDAFAC1D5A628
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Soutenez notre associationBack ButtonFilter Button

Page URL History Show full URLs

https://links.mdz01.fr/c/ixe/LUh/cngVANiofDgAL5hX5ZNOcy/Fq/FXnM6/F/535ec0b1 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=dbc03657dd91d9139d3337ce21258740&sha256=7d8e6dea... HTTP 302
http://ubc-offers.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645 HTTP 301
https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645 Page URL
https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645&jcc=062653a2657a2807c88402... HTTP 302
https://soutenir.msf.fr/b?cid=176&reserved_field=P22W10006&utm_medium=emailing_prospecting&utm_sourc... HTTP 303
https://soutenir.msf.fr/cfa-2022/b?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2... HTTP 303
https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMC... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

100 %
HTTPS

50 %
IPv6

16
Domains

23
Subdomains

20
IPs

6
Countries

2802 kB
Transfer

6860 kB
Size

14
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.msf.fr/

Search URL Search Domain Scan URL

URL: https://www.msf.fr/decouvrir-msf/transparence-financiere
Title: msf.fr/comptes

Search URL Search Domain Scan URL

URL: https://www.msf.fr/politique-de-confidentialite-de-medecins-sans-frontieres
Title: politique de confidentialité

Search URL Search Domain Scan URL

URL: https://www.iraiser.eu/

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.mdz01.fr/c/ixe/LUh/cngVANiofDgAL5hX5ZNOcy/Fq/FXnM6/F/535ec0b1 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=dbc03657dd91d9139d3337ce21258740&sha256=7d8e6dea7ef80bd7d5d3f3b529cbf25faef90616a6a0e2ca0e906a67902a9995&url=http%3a%2f%2fubc-offers.com%2f%3fref%3dMSFMED05%26lf%3d53b8041bd9097e5bfab0a99e461a5645&type=c&list=TUP+OK+FULL&esp=F HTTP 302
http://ubc-offers.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645 HTTP 301
https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645 Page URL
https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645&jcc=062653a2657a2807c884023f701d7a0f HTTP 302
https://soutenir.msf.fr/b?cid=176&reserved_field=P22W10006&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006 HTTP 303
https://soutenir.msf.fr/cfa-2022/b?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&cid=176&reserved_field=P22W10006&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&lang=fr_FR&_cv=1 HTTP 303
https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://links.mdz01.fr/c/ixe/LUh/cngVANiofDgAL5hX5ZNOcy/Fq/FXnM6/F/535ec0b1 HTTP 302
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=dbc03657dd91d9139d3337ce21258740&sha256=7d8e6dea7ef80bd7d5d3f3b529cbf25faef90616a6a0e2ca0e906a67902a9995&url=http%3a%2f%2fubc-offers.com%2f%3fref%3dMSFMED05%26lf%3d53b8041bd9097e5bfab0a99e461a5645&type=c&list=TUP+OK+FULL&esp=F HTTP 302
http://ubc-offers.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645 HTTP 301
https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

140 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
tracker.ubc-tracking.com/
Redirect Chain

https://links.mdz01.fr/c/ixe/LUh/cngVANiofDgAL5hX5ZNOcy/Fq/FXnM6/F/535ec0b1
https://r.ar-mtch1.com/Redirect?pid=FB&chid=XM&md5=dbc03657dd91d9139d3337ce21258740&sha256=7d8e6dea7ef80bd7d5d3f3b529cbf25faef90616a6a0e2ca0e906a67902a9995&url=http%3a%2f%2fubc-offers.com%2f%3fref%...
http://ubc-offers.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645
https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

510 B
756 B

123ms
15ms

Document
text/html

147.135.137.195
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.137.195 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3078391.ip-147-135-137.eu
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: faaef27f8c7d99b5fb81b35fc2857afebc97e1ac94d3f899c72b8dd05edd4eb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 374
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Dec 2022 20:54:03 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=5, max=100
P3P: CP="NOI ADM DEV PSAi NAV OUR STP IND DEM"
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 374
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 19 Dec 2022 20:54:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645
Server: Apache/2.4.18 (Ubuntu)

GET
H2

200

Primary Request ~mon-don Show response
soutenir.msf.fr/cfa-2022/
Redirect Chain

https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645&jcc=062653a2657a2807c884023f701d7a0f
https://soutenir.msf.fr/b?cid=176&reserved_field=P22W10006&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006
https://soutenir.msf.fr/cfa-2022/b?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerN...
https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJB...

87 KB
88 KB

555ms
554ms

Document
text/html

2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0bf188b6361615e5fb331062355c056f29c7458e3ac7b3beccf8cbc90aa805eb

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://tracker.ubc-tracking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: public, max-age=300, s-maxage=300
content-type: text/html;charset=UTF-8
date: Mon, 19 Dec 2022 20:54:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
server: nginx
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
x-amz-cf-id: WiAYiIBpq5I6cKTRUDYuDZ5ysICQM4g4KooSA-S8fuT6oUn_eEGUCA==
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1

Redirect headers

cache-control: public, max-age=300, s-maxage=300
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 20:54:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
server: nginx
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
x-amz-cf-id: tBkgBk2wOpRrp7g_l9nW_Rn5cG3u2_oLmJmTO4El5uPdjTz0aHf8SQ==
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1

GET
H2 200 style_v2.css
soutenir.msf.fr/themes/default/css/ 18 KB
5 KB 127ms
126ms Stylesheet
text/css 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/css/style_v2.css?hash=43e361a8f3b92db452484039c64b91df
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ee93d665f6dc272a96969eeb06a2f1d41fab80d9e08357ced220c1e161ea5868

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:09 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 19675
etag: W/"637dee15-46c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: DGLPn-wtFPyRY4vqso8Vu92zkEJLqiu-TCks4vXmlf0Zb93Ugive_g==

GET
H2 200 jquery-1.11.2.min.js Show response
soutenir.msf.fr/themes/default/js/ 94 KB
33 KB 96ms
94ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/jquery-1.11.2.min.js?hash=5790ead7ad3ba27397aedfa3d263b867
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:09 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 19675
etag: W/"637dee14-176bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UU5995FO7PB-wDT5wvN-TuSSkVuKpEhmv_R36Bcvc0AG3drYIl7V6w==

GET
H2 200 jquery.cookie-1.0.min.js Show response
soutenir.msf.fr/themes/default/js/ 994 B
1 KB 54ms
53ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/jquery.cookie-1.0.min.js?hash=6f6ed3cd5486dbf3bb9143eea287a6a5
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 64e56836e083250c795d6fc4fd222f30841bb90de0dcef675bb81c44d2f96e12

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:01:26 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 39158
etag: "637dee14-3e2"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 994
x-amz-cf-id: rFoI8iMYKE0_t6wtg61_FXH6NurApxKujXHGg8nWtAoIFOHlySBnzQ==

GET
H2 200 dnterrors.min.js Show response
soutenir.msf.fr/themes/default/js/ 2 KB
996 B 56ms
55ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/dnterrors.min.js?hash=2e2a0136a434e55f7328d683f312f6f4
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 94ee0e97215c8f1db64eeb3e1948eefb73a8c5a1c4aead335ac2cc37374a4409

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:57:55 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 35769
etag: W/"637dee14-6b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: TYWBEa-LIDRNPjKulwku-QB6sVYurDVwqeTzDpfhLVKND_Tko5ax7A==

GET
H2 200 step1.min.js Show response
soutenir.msf.fr/themes/default/js/ 18 KB
5 KB 61ms
60ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/step1.min.js?hash=77f299f7f9662441e31f9441b7c5c3cb
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d04553dd0de028605a2407de8617be2771e3eaf431fab74d1d4abe868ea2ff4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:09 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 19675
etag: W/"637dee14-46c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: el1jVwH1kk0l93FeMWgcdkmKBtvYKiR_mgsRGvo175xeU-o6oCp4AQ==

GET
H2 200 step2.min.js Show response
soutenir.msf.fr/themes/default/js/ 4 KB
2 KB 57ms
56ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/step2.min.js?hash=ba612e253e5228894e4cf95488048096
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 390402899eeb8f46a622f822869655dbbb74e32a430d1d59f97e0ab3711fb04d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:01:26 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 39158
etag: W/"637dee15-119d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BbnyQmsSqzcWayk_B0FO74paazEEN0M1PzCtNjBHs6WkG58w2U6Vag==

GET
H2 200 step3.min.js Show response
soutenir.msf.fr/themes/default/js/ 7 KB
2 KB 60ms
59ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/step3.min.js?hash=1cbc70ae6688f4df94453feb30066dcd
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 202178ee6a1a67355b7d98d6a60353221bdd167c3e397f60babd979af4ddf960

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:01:26 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 39158
etag: W/"637dee15-1cb7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kMVrtrlyLTmeatJQGRf_2-PrOIeMZAIMe8zcPum2f_1QdJ-VcRUV0A==

GET
H2 200 steps.min.js Show response
soutenir.msf.fr/themes/default/js/ 4 KB
2 KB 127ms
126ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/steps.min.js?hash=089e9a2bbf1abefee35295f270d54724
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8dadae55c0f6f1b0632f1af8ff8aafef9f78bb0e9839657423ba6724657c0a7b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:09 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 19676
etag: W/"637dee15-10c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3CqPKbtnFBO5gy8rmqghCDsQNS-OKnLQ2D4TAR-oJY3Jod492GJX5g==

GET
H2 200 jquery.ir-priceinput.min.js Show response
soutenir.msf.fr/themes/default/js/ 428 B
743 B 59ms
58ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/jquery.ir-priceinput.min.js?hash=07482ff72021c2c53278074abe52347f
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fb3dab6d97df8490b2eed9a51459e8ed4583057083f714008f1c796b368ffded

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:09 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 19675
etag: "637dee14-1ac"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 428
x-amz-cf-id: jLar0PmO51jOP7Fm8Ze9g6dN12emn_-u2AEfPXoDieue2o4f9MoNbQ==

GET
H2 200 common.min.js Show response
soutenir.msf.fr/themes/default/js/ 18 KB
5 KB 63ms
62ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/common.min.js?hash=28b880d66b90e6efe0a107a5650d8042
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bf3f8fc35359b7ab1f46bbcb2c62c6419567f356e6124d028ed9e2e0763870e6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:09 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 19675
etag: W/"637dee15-47ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gTaOGp-3V8-olfJdXl0uT9sSbwqB8EK9RAmWOXPIqq4TNpzjvTbuFw==

GET
H2 200 arya.js Show response
soutenir.msf.fr/themes/default/arya/dist/v2.3/ 116 KB
36 KB 89ms
87ms Script
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.js?v=24
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c13acee58b35c538cacc4ab750084e84092016199ed35cfd223b34adeb16f68a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:20:56 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 27188
etag: W/"637dee14-1d02b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4xGE3FTt3-2dtDF3RQh5GKVHByEWeOQU4LeJDnnvKpoj3SmIVraCLg==

GET
H2 200 arya.css
soutenir.msf.fr/themes/default/arya/dist/v2.3/ 191 KB
27 KB 84ms
83ms Stylesheet
text/css 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7398868f4bdfc2f2d9783e1c21fa9dc7140a951d557924e1c638d12ce111052b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:20:56 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 27188
etag: W/"637dee14-2fcc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: _7cSdR8EIIQ6tvTn7YLl-IWvjG2Q240haMsDFQq-apCSrDrAB7Cl5A==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 80ms
29ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: e0VkrpV+7zqDAjQ/RMXPsw==
age: 77293
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:39 GMT
server: cloudflare
etag: 0x8DADF1BA184D727
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 26e168d1-b01e-0029-41ac-11aea4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77c308096969f1a0-CDG

GET
H2 200 MSF-logo-white1.png
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 8 KB
8 KB 35ms
34ms Image
image/png 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/MSF-logo-white1.png
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4273a9187cb6503119bdbcfd186f43f6aee527e53c60d93a0e9add105fdf35c4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:55:44 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3501
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7889
x-amz-cf-id: XIubSwDVfhIGRvIDYd5_72vaSl3c4IerW_b3dDtY4Bg_7-L-5pFiyg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test2.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/ 18 KB
19 KB 56ms
54ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/test2.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ee58ff45b5b752fe10e64cc907c79c817a4f99757ca3cc14f847dc782c79966e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:41:02 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 783
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 18813
x-amz-cf-id: QoF1fZVSJZ6sTylOUOF5yzG7CJ-I7-xBgmiYlBsAzU9dnvIZ1cM4Sw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Test3.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/ 23 KB
23 KB 44ms
42ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/Test3.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e3e4dfb7b9c6e45c4c3510bb495c709d4334fa770502bdaee638f0323f7a5f8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23324
x-amz-cf-id: xKnvmLfpJhgJpa9IeOhx_tlMa2aSirfZZ37ZVZWPYLSeepLRMukXxA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test4.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/ 19 KB
19 KB 38ms
36ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/test4.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 68c4f790e19defeadb13de6f9b406a7d4aeae16da42cf4d96d2093733991ca03

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 19280
x-amz-cf-id: YG-pJq4mZ4uisb7JuN8aHsQinO9CBLcHc4lOjhFQEy9YECl-w2W5LQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test5.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/ 28 KB
29 KB 40ms
38ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/test5.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aa87b8787be863c04161b0a9f91ac7b3577c9a9f54c0210053e1c7966985f40a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29183
x-amz-cf-id: e170r2z_4SEFRh8nrNcLKCWcFFe1VVAnPCLwWm_buFkj4m8KV5JGRA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test6.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/ 26 KB
26 KB 52ms
51ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/test6.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1dcbb0da04d27c5dcd2de36e40befb7ec08f2a614afc694331b7a45d640c098

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 26671
x-amz-cf-id: Ftj1g0bTNT-QPfj4LOY2qskCchCj-bZSWz_wHnFIGdw4sZjN-OUGTQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test7.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/ 31 KB
31 KB 48ms
47ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/test7.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cf65b60a457d9933d6e3c53a9e40dcf587d5a340c7867faf30d941aa88dc750a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 31468
x-amz-cf-id: jhA5XpWWnmVMpNRNi-1UHGkDbN9GIaO94HMSLVfWBjwcv0UBn8jGpQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test8.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/ 24 KB
25 KB 46ms
45ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/pricelist_item/test8.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b0a8314caa36de66c55015682645450c951f1576f0109ba77b92d7652e3fca8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24920
x-amz-cf-id: Fnfw_Vvttt-iOKdvcmr0xaIXPwpJ1JqQxJotDIl9_3lYmWvFm1VbeQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 payment-find-my-address.min.js Show response
soutenir.msf.fr/libs.iraiser.eu/libs/payment-find-my-address/production/v2/ 33 KB
11 KB 35ms
35ms Script
application/x-javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/libs.iraiser.eu/libs/payment-find-my-address/production/v2/payment-find-my-address.min.js
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d437016140b0f138384fe35d7e7bf278dfa1778e87af624b230752a351fe585

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:53 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4, VIE50-C1
age: 3312
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
x-amz-cf-id: IuSN7jXLyoVcz-ZWmOdhgLTqSaX2QsyIDUuq7uCE41dyqMNY9dCOug==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 powered-by-iraiser.png
soutenir.msf.fr/libs.iraiser.eu/design/powered-by/v1/ 2 KB
2 KB 53ms
53ms Image
image/png 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/libs.iraiser.eu/design/powered-by/v1/powered-by-iraiser.png
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 27f4af2dd922b70eb219d7ab51ca7f6b0eedb7664bc9c077b62b5859aaa93cdb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:37:36 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4, VIE50-C1
age: 989
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1780
x-amz-cf-id: CCTMy8BmQZzpmOU7NYRe7Q57fmj22Wq04WHezfDW4OOmfjzXLs-Kng==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 reset-fonts.css
soutenir.msf.fr/themes/default/css/core/ 1 KB
932 B 51ms
50ms Stylesheet
text/css 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/css/core/reset-fonts.css
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/css/style_v2.css?hash=43e361a8f3b92db452484039c64b91df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c40e247365d8a712662ee4991f0a78a379be4dc429f8a85dba0a27e7764410e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/css/style_v2.css?hash=43e361a8f3b92db452484039c64b91df
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:09 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 19676
etag: W/"637dee15-417"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: Y7J0rdXWW_bUK4SMN8kr9bK0xxMKBdBDSOmy65RnR3hcIBDF1C-dIg==

GET
H2 200 grids.css
soutenir.msf.fr/themes/default/css/core/ 498 B
805 B 71ms
71ms Stylesheet
text/css 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/css/core/grids.css
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/css/style_v2.css?hash=43e361a8f3b92db452484039c64b91df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1306483c1bea5b5c8b2c56d7ce711ef794860241a74f27bb20bb99ac04bb9ca0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/css/style_v2.css?hash=43e361a8f3b92db452484039c64b91df
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:09 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 19676
etag: "637dee14-1f2"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 498
x-amz-cf-id: _D3Y1M6OHfOMOqnv433iM8VbhP0TU2HeMuZS9FHF6XWUHclV8-ejeQ==

GET
H2 200 grids-mqueries_v2.css
soutenir.msf.fr/themes/default/css/core/ 5 KB
1 KB 51ms
51ms Stylesheet
text/css 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/css/core/grids-mqueries_v2.css
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/css/style_v2.css?hash=43e361a8f3b92db452484039c64b91df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d6d9e026c3e3271569129f404d097c232122f9c2728ae25357561ca6a63b4f6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/css/style_v2.css?hash=43e361a8f3b92db452484039c64b91df
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:57:55 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 35770
etag: W/"637dee15-1261"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: HKcfmi-1-6K9JQuBgBHGgg756VU3TRE8pliQavgPznVYj-yRIsfbrg==

GET
H2 200 c80e9d7a-dbec-4b7f-91ed-c2a76134804f.json Show response
cdn.cookielaw.org/consent/c80e9d7a-dbec-4b7f-91ed-c2a76134804f/ 3 KB
2 KB 68ms
31ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c80e9d7a-dbec-4b7f-91ed-c2a76134804f/c80e9d7a-dbec-4b7f-91ed-c2a76134804f.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769fb521764ee953b2cefbc63fa8e214826d9020270e77e1f3dea99fecd61586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: T7uTHhB5wDwHehfoYiT0AA==
age: 36558
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1252
x-ms-lease-status: unlocked
last-modified: Thu, 02 Dec 2021 14:06:06 GMT
server: cloudflare
etag: 0x8D9B59CE230A177
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2852c3df-901e-00bd-20cc-4fce6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77c3080a6d9bd6a2-CDG
expires: Tue, 20 Dec 2022 20:54:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 548 KB
116 KB 141ms
84ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN28W5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9cabdd0558241264fbf35d8b4fffcb906b13c8a584393dba138b1ed7f711206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118430
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 20:54:05 GMT

GET
H2 200 MSF336072modifie.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 467 KB
468 KB 54ms
54ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/MSF336072modifie.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f5d74734bea0ddce22de686b8993918fc3c2b20460faf48be01fb7623e9a6c9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:44:26 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 579
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 477769
x-amz-cf-id: D-MdZmDPsdA4AOAVDJUDYbtXIU5J2uSnUGK4WV8pJQ3As6xVeZwFNQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 payment-find-my-address.min.css
soutenir.msf.fr/libs.iraiser.eu/libs/payment-find-my-address/production/v2/ 5 KB
3 KB 67ms
66ms Stylesheet
text/css 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/libs.iraiser.eu/libs/payment-find-my-address/production/v2/payment-find-my-address.min.css
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/js/jquery-1.11.2.min.js?hash=5790ead7ad3ba27397aedfa3d263b867
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 40c92f3f4dff5d46ac14fc30682dfbd18a622179eb254c45ac6066f83ab4b2c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:32:09 GMT
content-encoding: gzip
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P4, VIE50-C1
age: 1316
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
x-amz-cf-id: YKwbSnTvSVbhZ7Qp_FD0Jck1s2FfZM2h1o4aZtSL97GMYd4gwieUQA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 406 KB
98 KB 83ms
18ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9080759f8df9cc79344d1a219beb77cc9c65d37b609b4e5aed5e6ebf7594ae8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 varnish
age: 45
x-cache: HIT
content-length: 100104
x-request-id: 1f8e5c74-57a2-4980-894e-a4173b1c66ea
x-served-by: cache-cdg20741-CDG
last-modified: Mon, 19 Dec 2022 19:35:04 GMT
server: Fastly
etag: "26c51d3fbb8332171fcf09c97a2c7d05"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20

GET
H2 200 check.css
monitoring.iraiser.eu/ 8 B
274 B 211ms
88ms Stylesheet
text/css 2600:9000:2104:3800:5:e00c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://monitoring.iraiser.eu/check.css?z=0.018389290059810603&cid=soutenir.msf.fr%2F8967257620.1671483245&dl=https%3A%2F%2Fsoutenir.msf.fr%2FMSF%2Fb%3Asteps%2Fcid%3D176&sc=start&dr=https%3A%2F%2Ftracker.ubc-tracking.com%2F&cd=2022-12-19%3A21.54.04-63a0cf6c86741&dt=soutenir.msf.fr%2Fdonations&ul=fr-FR&ds=web
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3800:5:e00c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f04d6f4e31655290294a18aff5e6d9174a2990f5550f1939f59c41f8cb451073

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
age: 22767
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
content-length: 8
x-amz-cf-id: aonV6-iwRAmDGepg_AOFTelIP-tRPqm1pSRDjPhSGz5zwek1M8MGAg==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 342ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.js?v=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 20:47:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 20:54:05 GMT

GET
H2 200 select2.full.min.js Show response
soutenir.msf.fr/themes/default/js/ 70 KB
20 KB 128ms
128ms XHR
application/javascript 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soutenir.msf.fr/themes/default/js/select2.full.min.js?_=1671483245128
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/js/jquery-1.11.2.min.js?hash=5790ead7ad3ba27397aedfa3d263b867
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 249e5b8d94463770e790d8f77f3be78c5eaf988b1620aec32ade2c34340b0563

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
etag: W/"637dee14-1165d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 0Hfc-g5-s4u-leWqdRdnF5LbdHUWElNhz_FrFY9_Eyr2VbkDOC2-3g==

GET
H2 200 pay_credit-card_full_size.svg
soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/ 2 KB
972 B 130ms
128ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/pay_credit-card_full_size.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 54802cf593868e4306c6c828edce5eb96d2a2b1df749c5d9b77f7a831f6bd1ca

Request headers

Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Origin: https://soutenir.msf.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
etag: W/"637dee14-661"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: bGog5kXOoGKEcGYxASACl1lL31HsGVPpN6E6HBAHypBG3oKj3xgqLw==

GET
H2 200 pay_default_full_size.svg
soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/ 6 KB
3 KB 132ms
131ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/pay_default_full_size.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b95b7a9cadd01140ae044897ece39ddea0179063f54819b416c84c116373666b

Request headers

Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Origin: https://soutenir.msf.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
etag: W/"637dee14-17b8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: QwwO_VuzYEbx4WSLwcparG-o1Tt5_ZEFabDx0bptk843cRORXw0j_Q==

GET
H2 200 pay_paypal_full_size.svg
soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/ 2 KB
1 KB 86ms
84ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/pay_paypal_full_size.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: abc57ce25ffb0f237a09e2d87dc102688ec1217ea15c3b48052fffa2aac3fc1f

Request headers

Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Origin: https://soutenir.msf.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
etag: W/"637dee14-7aa"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 8ex48KxFoDJngYtQyQ3TiQ2pd2Q9tYNMGi_Pg5ngy496EaQwZRfgXQ==

GET
H2 200 pay_check_full_size.svg
soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/ 4 KB
2 KB 133ms
132ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/pay_check_full_size.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f58fe8336c0f689d3f42e631e6eb118fead7a3663a4e21a2abc52adfe634b856

Request headers

Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Origin: https://soutenir.msf.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
etag: W/"637dee15-e86"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: EqKrIrKd4vrDb9dABrfvREpvf-lMedck-nSN4lWA9I40T5H2Hd3cPQ==

GET
H2 200 master_card.svg
soutenir.msf.fr/themes/default/arya/assets/creditcard-icons/ 17 KB
7 KB 55ms
54ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/assets/creditcard-icons/master_card.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e96f957f3b933025d8abae96957af9c84f52d917765ca17d2147b2b6175b7c0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:40 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 14485
etag: W/"637dee14-45cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: it0R6SOQIhM1elvix-nYiS_lyV4jfVgPn-RooCKRyt-1LPVYlPafKw==

GET
H2 200 visa.svg
soutenir.msf.fr/themes/default/arya/assets/creditcard-icons/ 3 KB
2 KB 54ms
53ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/assets/creditcard-icons/visa.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c64b06046f59f32cec8d32c3b0208058d07fe0a926ca7e9a82ae3ee2088c5e0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:40 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 14485
etag: W/"637dee14-c28"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 7WPFZW5qaEz_eom5Cqvc5aMgZcu-i5926kwiO3AtwNCHaxG0PNfc_g==

GET
H2 200 carte_bleue.svg
soutenir.msf.fr/themes/default/arya/assets/creditcard-icons/ 3 KB
1 KB 53ms
52ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/assets/creditcard-icons/carte_bleue.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d93f96d51139f0bae7ce109fca09678eb9234beae572d7dcb4bc4cb1120bdd61

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:40 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 14485
etag: W/"637dee14-c3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: POzA5laCSHEKI3DpIzRNfMO0mfp61t7yMQLEOum4ZEtqxdZOFAx3Zg==

GET
H2 200 american_express.svg
soutenir.msf.fr/themes/default/arya/assets/creditcard-icons/ 11 KB
4 KB 98ms
96ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/assets/creditcard-icons/american_express.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d368020de68c5eceb0f43be7d07776ac1a4bbbf5c67f2fc08ceb38123f3882be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:40 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 14485
etag: W/"637dee14-2ba5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 7Q20mzr9nxQRjxqKAI_eSoCy1G9YErrRBW-NGmVe4pJLFKxGjIkoTA==

GET
H2 200 powered_by_white.png
soutenir.msf.fr/themes/default/arya/assets/ 8 KB
8 KB 70ms
69ms Image
image/png 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/assets/powered_by_white.png?v=2
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 570307cf55ab0a86950ee2500c3ad8bead23b801070417923d9df4ae250f4df4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:40 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 14485
etag: "637dee15-1f07"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7943
x-amz-cf-id: kCXIqI3lB1B5n29PUn7MLi7jFIuVnjuo2R9Z8lMn6-xEo_jBpn3NAg==

GET
H2 200 test2.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 47 KB
48 KB 44ms
43ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/test2.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2831592b8ccc081a0d8689b4bce9472abee28e93ae93481e93b59056229ca6c9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 48497
x-amz-cf-id: NjlPLezGxc-95zyN4ZTYYPD5t4iIhG2srVrje2NHrgqfaw9TEtke4g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Test3.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 62 KB
62 KB 38ms
36ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/Test3.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8427c71e46a97369ea55225a306c77b9b54450c66083533b7a135e3aa5702b2f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 63004
x-amz-cf-id: 0FbbLGgS2bt0Hsmu7ZJzUWzbLklEl_H4EuOV2c7jFmKbAQQ1yy9fWg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test4.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 48 KB
49 KB 48ms
47ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/test4.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 88b2a4cc02f82a0f86c23850e0b18f54e90a823e8f3c288ea2aa31268bdbc72d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:26 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3339
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 49250
x-amz-cf-id: iYRq7iLdwmtWYTXQLQkRq3RWWXLYJrTu1hPWYKrbRNise4Dp6lginA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test5.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 100 KB
100 KB 43ms
42ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/test5.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c32287fc05433b98db9cc6ad2ab1fe97de270779e86bf3dd7344a4d28399926d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:27 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3338
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 102309
x-amz-cf-id: UEMeVwIUnOoiz0b8-BYtwEKlpUuP1FlAlMj3cVMqU1C4r2FQRsx33A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test6.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 86 KB
86 KB 51ms
50ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/test6.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: df052e1a45676236e4a80e070c9882200613f0461d80290a1ea78c1552fa28f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:27 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3338
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 87765
x-amz-cf-id: Wv_0O8TZk2He4Hc-usgvVnzvu165gPalkHtVzHguKguyWFbrHziYSw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test7.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 118 KB
118 KB 54ms
53ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/test7.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e6e280f216f44c1f4d9908ed2122f108ab7d57a36a12527c5a3365db87dac165

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:27 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3338
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 120724
x-amz-cf-id: UICdMitUi6FeAk6fK6qrB-NM-Bgcx9SeQ85zYPtI9IJ4jenNDKn-HQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 test8.jpg
soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/ 84 KB
85 KB 49ms
48ms Image
image/jpeg 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/cdn.iraiser.eu/nVa56vU9/+oWCTbVN5Lrpw==/default/origin/test8.jpg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d9f7a08c292348733ace758b5c4c741989b11e28fd3e8694fead6133ee1fd42f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:58:27 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront), 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5, VIE50-C1
age: 3338
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 86146
x-amz-cf-id: zAW32yKVRF7sFxZmQIGcp7TrYy54zFUQhib3SO8RhxOxtZv6qT_S-w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_pen.svg
soutenir.msf.fr/themes/default/arya/assets/ 2 KB
1 KB 57ms
57ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/assets/icon_pen.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 708f843d0fbf4223ac741b12257f7391be00b8c694ebe21c6da3bc2e187faa2c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:40 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
age: 14485
etag: W/"637dee14-72b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: OiGaVkJxDgZWyfnONK3d4bHozVdH85v_I2kC6rfQkFZWAus1ZgskIg==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 73ms
33ms XHR
application/json 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://soutenir.msf.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 77c3080b28d099e1-CDG
access-control-allow-headers: Content-Type

GET
H2 200 controller-c3d8f39ab4737de969e208051aa024ba.html Show response
js.stripe.com/v3/ Frame AEF2 325 B
675 B 19ms
18ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-c3d8f39ab4737de969e208051aa024ba.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8842a9f3772453772e6c0c025f2b6d84714620c2146323ac63eb31d27ef97ed3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://soutenir.msf.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 42
cache-control: max-age=60
content-encoding: br
content-length: 152
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 20:54:05 GMT
etag: "c3d8f39ab4737de969e208051aa024ba"
last-modified: Mon, 19 Dec 2022 19:07:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 28
x-content-type-options: nosniff
x-request-id: 235b4437-0b77-4e5a-88d0-400e201809b3
x-served-by: cache-cdg20741-CDG

GET
H2 200 payment-request-inner-google-pay-d42b6196060b8773f984523bc42ac07c.html Show response
js.stripe.com/v3/ Frame E1C5 408 B
864 B 18ms
18ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-d42b6196060b8773f984523bc42ac07c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dd31256cb75666d71675ee27842ac76189f8d00a192661dd3616d0526dddf467

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://soutenir.msf.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6330
cache-control: max-age=31536000
content-encoding: br
content-length: 181
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 20:54:05 GMT
etag: "d42b6196060b8773f984523bc42ac07c"
last-modified: Mon, 19 Dec 2022 19:07:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 92
x-content-type-options: nosniff
x-request-id: 4e2bebd5-fc0e-4601-aa1e-0e875716fe7e
x-served-by: cache-cdg20741-CDG

GET
H2 200 payment-request-inner-browser-3dcab663bbec6fb90fd63c763ba3517a.html Show response
js.stripe.com/v3/ Frame AFEA 344 B
1 KB 18ms
18ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-3dcab663bbec6fb90fd63c763ba3517a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f6aea10072c8ffeda10ce1cf2c8d3abcd786a1ef50a5097dd1fd95fdae14d980

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://soutenir.msf.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 42
cache-control: max-age=60
content-encoding: br
content-length: 159
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 20:54:05 GMT
etag: "3dcab663bbec6fb90fd63c763ba3517a"
last-modified: Mon, 19 Dec 2022 19:07:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 10
x-content-type-options: nosniff
x-request-id: c82ec45b-61c7-4cff-8c1f-77053e3f2b23
x-served-by: cache-cdg20741-CDG

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.27.0/ 321 KB
76 KB 29ms
29ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a384d1fc7d84b2fe1b1cb470193838a86a5c72d39268aed7825e2235285b5ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8eaHtBigP1U3b42ruIgxsQ==
age: 47702
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 78056
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:31:00 GMT
server: cloudflare
etag: 0x8D9B37727F240FD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7f82bfc5-f01e-0048-0667-33ea7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77c3080b6cfcf1a0-CDG

POST
H2 200 csp-report
q.stripe.com/ Frame AEF2 0
570 B 544ms
162ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-39a8a49140224562346b85ec082c4ca2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AEF2 294 KB
66 KB 23ms
22ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c3d8f39ab4737de969e208051aa024ba.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

636a24e0391398042b024ed521d3193019c51b7df0a50e3b86e55b6aea8f58d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/controller-c3d8f39ab4737de969e208051aa024ba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 varnish
age: 6329
x-cache: HIT
content-length: 67310
x-request-id: ff3e1969-5864-4771-a2b4-e0ee798ad8fd
x-served-by: cache-cdg20741-CDG
last-modified: Mon, 19 Dec 2022 19:07:14 GMT
server: Fastly
etag: "5f03fcd05db8a1b3736c406ce8ecb71f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1498

GET
H2 200 controller-74c7aa49635872622bcef222cf5935ce.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AEF2 456 KB
111 KB 23ms
23ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-74c7aa49635872622bcef222cf5935ce.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c3d8f39ab4737de969e208051aa024ba.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fb472630e98d7762c77ecd518310ed064241e339969fee462c9ad0da1f6411e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/controller-c3d8f39ab4737de969e208051aa024ba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 varnish
age: 6328
x-cache: HIT
content-length: 113311
x-request-id: 3351c0bf-5b89-40f6-acc1-c9b6cb6124e2
x-served-by: cache-cdg20741-CDG
last-modified: Mon, 19 Dec 2022 19:07:12 GMT
server: Fastly
etag: "8a7bc18075329fd15074b688bc45381b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1430

POST
H2 200 csp-report
q.stripe.com/ Frame E1C5 0
571 B 539ms
160ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E1C5 0
570 B 698ms
320ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame E1C5 104 KB
33 KB 157ms
71ms Script
application/javascript 2a00:1450:4013:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d42b6196060b8773f984523bc42ac07c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84fc54a73ed8523d42062af8881d8a4f3eed9ed80817f6fde74964844911ad1a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-8kzAhCpZBlS26nkQnnLOZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-8kzAhCpZBlS26nkQnnLOZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 19 Dec 2022 20:54:05 GMT

GET
H2 200 shared-39a8a49140224562346b85ec082c4ca2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E1C5 294 KB
66 KB 37ms
37ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d42b6196060b8773f984523bc42ac07c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

636a24e0391398042b024ed521d3193019c51b7df0a50e3b86e55b6aea8f58d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-d42b6196060b8773f984523bc42ac07c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 varnish
age: 6329
x-cache: HIT
content-length: 67310
x-request-id: b5ac3073-0652-4c27-9409-f8e3e0a8c3cc
x-served-by: cache-cdg20741-CDG
last-modified: Mon, 19 Dec 2022 19:07:14 GMT
server: Fastly
etag: "5f03fcd05db8a1b3736c406ce8ecb71f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1499

GET
H2 200 payment-request-inner-google-pay-95d47082c4cb0cd058abd5fb4db6de84.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E1C5 9 KB
3 KB 20ms
19ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-95d47082c4cb0cd058abd5fb4db6de84.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d42b6196060b8773f984523bc42ac07c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ca2da25ca733139ab1211bc78a116fdc99158a89c2cf9faa5d10d6fb9e09f213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-d42b6196060b8773f984523bc42ac07c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 varnish
age: 3113136
x-cache: HIT
content-length: 3383
x-request-id: b7b41de6-d47d-4690-a3ab-aa65700ad082
x-served-by: cache-cdg20741-CDG
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "1d702381bed2746ffebb1ffefc2444b4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14484

POST
H2 200 csp-report
q.stripe.com/ Frame AFEA 0
570 B 692ms
318ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AFEA 0
570 B 534ms
161ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-39a8a49140224562346b85ec082c4ca2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AFEA 294 KB
66 KB 38ms
37ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3dcab663bbec6fb90fd63c763ba3517a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

636a24e0391398042b024ed521d3193019c51b7df0a50e3b86e55b6aea8f58d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3dcab663bbec6fb90fd63c763ba3517a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 varnish
age: 6329
x-cache: HIT
content-length: 67310
x-request-id: 16331f02-11da-4291-855a-d149a5d18526
x-served-by: cache-cdg20741-CDG
last-modified: Mon, 19 Dec 2022 19:07:14 GMT
server: Fastly
etag: "5f03fcd05db8a1b3736c406ce8ecb71f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1500

GET
H2 200 payment-request-inner-browser-db489d3ed3c03d228ca7eae98380b4bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AFEA 11 KB
4 KB 37ms
37ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-db489d3ed3c03d228ca7eae98380b4bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3dcab663bbec6fb90fd63c763ba3517a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

60b7417fecca912926f6bfa3a11c2e50d18e6c7490e759448cfb6feed573cf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3dcab663bbec6fb90fd63c763ba3517a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 varnish
age: 3113318
x-cache: HIT
content-length: 4246
x-request-id: 8fba73e5-516b-45b3-80df-7c41eae32df7
x-served-by: cache-cdg20741-CDG
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "c8e2b06db6e11dea0461de74e850b6a6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26672

GET
H2 200 tag_50106_4.js Show response
t.wizaly.com/50106/ 34 KB
14 KB 153ms
35ms Script
application/javascript 52.47.181.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.wizaly.com/50106/tag_50106_4.js
Requested by: Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.181.161 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-181-161.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 771dd7bb887ae9a272b92c8bc760398705c4255eb004d97741231e24e9e9bf6f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 07:16:54 GMT
server: nginx
etag: W/"634d0166-88d3"
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"
content-type: application/javascript
cache-control: public, max-age=86400

GET
H2 200 tag_50106_14.js Show response
t.wizaly.com/50106/ 26 KB
12 KB 153ms
36ms Script
application/javascript 52.47.181.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.wizaly.com/50106/tag_50106_14.js
Requested by: Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.181.161 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-181-161.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: e7f04716e5f316f3a4a1f88dc455a59d5fd949dfa4fdafa374c79257c3b62e80

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 16:24:51 GMT
server: nginx
etag: W/"6346ea53-6884"
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"
content-type: application/javascript
cache-control: public, max-age=86400

GET
H2 200 84bd0798ddc28e79432e79e742c9d59c.js Show response
try.abtasty.com/ 301 KB
86 KB 195ms
40ms Script
application/javascript 13.32.110.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/84bd0798ddc28e79432e79e742c9d59c.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN28W5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-75.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 899ef6cfbf8612754604cb4fe46d09b41e41f4d7961df109d827c2a58946ccb3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 17:34:30 GMT
content-encoding: gzip
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 17:34:01 GMT
server: CloudFront
x-amz-cf-pop: VIE50-C2
age: 11975
etag: W/"c749d1093827ab6d89529fdfb282e5f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=86400,max-age=30
x-amz-cf-id: rw--zhprNSLSkihCtOCAfH8YKyncZJisDEpvDYyiGd1eHEdeZxDNJg==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame AEF2 474 B
603 B 54ms
18ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fe55be898f7fbc7b7c57f227829c33244d9afe9ed0f2afd99836b8c6c45f2a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-c3d8f39ab4737de969e208051aa024ba.html
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 15
x-cache: HIT
content-length: 295
x-request-id: 0e027e8c-b852-4d16-9751-ec2fa0a2c99e
x-served-by: cache-cdg20788-CDG
last-modified: Mon, 19 Dec 2022 19:35:51 GMT
server: Fastly
etag: "ad2fb172b2e15fd81766b10e51d4700d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 FR.png
soutenir.msf.fr/themes/default/arya/dist/assets/flags/ 2 KB
3 KB 77ms
76ms Image
image/png 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/dist/assets/flags/FR.png
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 17518bc23bde1110dc980b8a7b76148213072f8d368146047a7f2b98469b9dd5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:33 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
etag: "637dee15-95b"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2395
x-amz-cf-id: 4FCmxEN7plOyx_fEFXDZW5KbiJgF-FQnoiP2W1yy2hRHkw4MJvyhEw==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/c80e9d7a-dbec-4b7f-91ed-c2a76134804f/5249dd9a-b965-4c89-8cbe-3a0e14edb67c/ 99 KB
19 KB 32ms
32ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c80e9d7a-dbec-4b7f-91ed-c2a76134804f/5249dd9a-b965-4c89-8cbe-3a0e14edb67c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf8676ce47631fd69bb24cae918d96b92c836c5d938ca82679d6c4246a739285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XrRdiDIXTy5OOxFEIRftnQ==
age: 33214
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 19703
x-ms-lease-status: unlocked
last-modified: Thu, 02 Dec 2021 14:06:08 GMT
server: cloudflare
etag: 0x8D9B59CE390C094
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c8703e5f-501e-000a-0833-5ac16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77c3080c6a39d6a2-CDG
expires: Tue, 20 Dec 2022 20:54:05 GMT

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame AEF2 567 B
1 KB 287ms
195ms Fetch
application/json 52.49.17.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_srqYyZqem3SpTx2GjUycaPjN&stripe_js_id=fdbfa9b2-4b3f-4e35-8dde-a52071378085

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.49.17.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b8aa73dba7af1f822c830c259a3278db0606c9ed75f5f43f4472ac0dba5063d8

Security Headers

Name	Value
Content-Security-Policy	report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
content-security-policy: report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 567
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 684ms
325ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 685ms
326ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 684ms
326ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 689ms
330ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 687ms
329ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 685ms
328ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 688ms
331ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 839ms
482ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 838ms
481ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 686ms
330ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 837ms
481ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 838ms
482ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 838ms
483ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 838ms
483ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 9 KB
3 KB 48ms
48ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +jov4yfsCuEy6e0uGehzYw==
age: 33179
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:30:51 GMT
server: cloudflare
etag: 0x8D9B377229DA3A2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 862babd0-a01e-011b-2e56-54b021000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77c3080ccae7d6a2-CDG

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.27.0/assets/v2/ 47 KB
12 KB 34ms
34ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd135c77cfd213efdc4aecbdbae73547950e4583ff6a2abd18d8bd107c4c435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zo+3rPYNxsKsGYmd1h44hQ==
age: 33179
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11984
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:30:53 GMT
server: cloudflare
etag: 0x8D9B37723CF6961
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d94cf8d8-601e-00c5-7c56-54a6dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77c3080ccaebd6a2-CDG

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 5 KB
2 KB 30ms
30ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 20:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lNjRmvO7+WVd3lrIPMaRuA==
age: 33179
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2144
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:30:52 GMT
server: cloudflare
etag: 0x8D9B377234BA5B8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d4349a8e-901e-0131-3656-54c564000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77c3080ccaedd6a2-CDG

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 20 KB
4 KB 32ms
31ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 33179
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:31:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 1f613c03-e01e-00b9-2156-543be8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 77c3080ccaeed6a2-CDG

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 83ms
25ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://soutenir.msf.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 349910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:42:15 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame A343 18 KB
8 KB 70ms
69ms Document
text/html 2a00:1450:4013:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40f047455cdcbfb25686d4c606f7037fecd1a95b4a53e06754c287b30c1293f8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-IkWmZNgLN7Uj-cgQLDcyCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-IkWmZNgLN7Uj-cgQLDcyCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Mon, 19 Dec 2022 20:54:05 GMT
expires: Mon, 19 Dec 2022 20:54:05 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 cnst.gif
t.wizaly.com/anonymize/t/ 43 B
0 55ms
18ms Fetch
image/gif 52.47.181.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.wizaly.com/anonymize/t/cnst.gif?esvid=A50106&esvtid=4&esvlv=5&esvtv=55&esvr=0e8adba6&esvts=1671483245635&tsid=1671483245635&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&count=1&count_ok=0&esvref=https%3A%2F%2Ftracker.ubc-tracking.com&esvfrom=https%3A%2F%2Fsoutenir.msf.fr
Requested by: Host: t.wizaly.com
URL: https://t.wizaly.com/50106/tag_50106_4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.181.161 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-181-161.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 s.gif
t.wizaly.com/anonymize/t/ 43 B
191 B 19ms
19ms Image
image/gif 52.47.181.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.wizaly.com/anonymize/t/s.gif?esvid=A50106&esvtid=4&esvlv=5&esvtv=55&esvr=a6633268&esvts=1671483245635&esvuid=e9ad669b1852c2a4441&esvccid=51e2f51a7b8b63a0cf6d&tsid=1671483245634&esvrsl=1600x1200&esvbis=0&nu=1&esvref=https%3A%2F%2Ftracker.ubc-tracking.com%2F&esvfrom=https%3A%2F%2Fsoutenir.msf.fr%2Fcfa-2022%2F~mon-don&wiz_cnst=3
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.181.161 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-181-161.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 v.gif
t.wizaly.com/anonymize/p/ 43 B
191 B 18ms
18ms Image
image/gif 52.47.181.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.wizaly.com/anonymize/p/v.gif?esvid=A50106&esvtid=4&esvlv=5&esvtv=55&esvr=9eee926c&esvts=1671483245637&esvuid=e9ad669b1852c2a4441&esvccid=51e2f51a7b8b63a0cf6d&tsid=1671483245637&url=https%3A%2F%2Fsoutenir.msf.fr%2Fcfa-2022%2F~mon-don&urlref=https%3A%2F%2Ftracker.ubc-tracking.com%2F&gt_ms=1581&action_name=Soutenez%20notre%20association&wiz_cnst=3
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/cfa-2022/~mon-don?ns_ira_cr_arg=IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%2F%2BQjV16%2Ft%2FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%2BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%2B6SWPkcPhFMmSpqMnypF%2BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%3D%3D&utm_medium=emailing_prospecting&utm_source=ubcmedia-K6J2BRIZPR&utm_campaign=P22W10006&_cv=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.181.161 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-181-161.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 analytics.2cd07b1d2d00f689d998.js Show response
try.abtasty.com/shared/ 30 KB
8 KB 35ms
35ms Script
application/javascript 13.32.110.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/shared/analytics.2cd07b1d2d00f689d998.js
Requested by: Host: try.abtasty.com
URL: https://try.abtasty.com/84bd0798ddc28e79432e79e742c9d59c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-75.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1c1b8b6d8d14b08fbbc6f1b23c0f5f3c19e853c345e4fb7338c19405696b5b9b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:20:39 GMT
content-encoding: gzip
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 13:20:38 GMT
server: CloudFront
x-amz-cf-pop: VIE50-C2
age: 372807
etag: W/"bb810514cd4302c1fc514bdf2c335b46"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=31536000,max-age=31536000
x-amz-cf-id: UBg-T1yB2UYkAe5UcDZdjVro6jmUUF9xqhlzjeXXouKTX_bXBPMCOg==

GET
H2 200 ua-parser Show response
dcinfos-cache.abtasty.com/v1/ 121 B
362 B 104ms
33ms Fetch
application/json 34.107.143.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/ua-parser

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/84bd0798ddc28e79432e79e742c9d59c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

- /

Resource Hash

bd02f1ab8d7ddc6a44e01a2ec1819208b3bc74cb4b3f3630790962bf4db17ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://soutenir.msf.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-envoy-decorator-operation: -
server: -
via: 1.1 google
vary: Accept-Encoding,User-Agent
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame A343 2 KB
2 KB 26ms
26ms Other
text/html 2a00:1450:4013:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 20:54:05 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame A343 155 KB
55 KB 83ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgd7lr3OfeWLhbDsKcI7bHoGnnm-w/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab8e2dd441a572a22fcc7ec205421e4fa218892d667ffd30804d0a5d2b1c8f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 01:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55892
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 06:26:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 01:44:24 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 566ms
483ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 409ms
327ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
128 B 405ms
323ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 404ms
324ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Svn... Frame A343 69 KB
25 KB 81ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SvnZyf6A1eU.L.B1.O/am=zAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgt9ItWSeqEMNHIVeWaCvaT_MSfSQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgd7lr3OfeWLhbDsKcI7bHoGnnm-w/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4b93a44ce619f9bc36b6ec16bb69dec6817695cb0593975e666dec0d0344aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 01:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25946
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 02:28:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 01:44:25 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame A343 1 MB
356 KB 81ms
80ms XHR
text/html 2a00:1450:4013:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87e50b18ea5f3fb14f91c1b9af3c513a0effc364db4a7efb44fd135c9999f102

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hTj6qkFWcxPIvQ4TrgpG2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hTj6qkFWcxPIvQ4TrgpG2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 19 Dec 2022 20:54:06 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame FF64 200 B
773 B 19ms
18ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://soutenir.msf.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3113334
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 20:54:06 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1891147
x-content-type-options: nosniff
x-request-id: 7234e0c4-91fe-46ce-9eb7-a7b996006d3c
x-served-by: cache-cdg20741-CDG

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Svn... Frame A343 23 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SvnZyf6A1eU.L.B1.O/am=zAAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgt9ItWSeqEMNHIVeWaCvaT_MSfSQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3548dafa241c122874dddfd56b905eee884f0e2ac9a9d6381c892d2d76d745d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 01:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9240
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 02:28:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 01:44:25 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Svn... Frame A343 35 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.pqRE1cjW1Qo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SvnZyf6A1eU.L.B1.O/am=zAAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgt9ItWSeqEMNHIVeWaCvaT_MSfSQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0593433f3de4bd66b04b2629ef0ae0423e30eedb295d6e9c16209b65afaee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13444
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 02:28:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 13:38:11 GMT

POST
H3 200 log Show response
play.google.com/ Frame A343 131 B
155 B 115ms
61ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 20:54:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 118ms
57ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Dec 2022 20:54:06 GMT
expires: Mon, 19 Dec 2022 20:54:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A343 131 B
155 B 113ms
63ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 20:54:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 116ms
58ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Dec 2022 20:54:06 GMT
expires: Mon, 19 Dec 2022 20:54:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A343 131 B
155 B 108ms
60ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 20:54:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 117ms
61ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Dec 2022 20:54:06 GMT
expires: Mon, 19 Dec 2022 20:54:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A343 131 B
155 B 120ms
71ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 20:54:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 112ms
59ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Dec 2022 20:54:06 GMT
expires: Mon, 19 Dec 2022 20:54:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A343 131 B
155 B 111ms
61ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 20:54:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 107ms
58ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Dec 2022 20:54:06 GMT
expires: Mon, 19 Dec 2022 20:54:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 296ms
294ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame FF64 0
570 B 162ms
161ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FF64 0
570 B 162ms
161ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FF64 631 B
480 B 19ms
18ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:54:06 GMT
via: 1.1 varnish
age: 3113333
x-cache: HIT
content-length: 332
x-request-id: 93e1b5d7-40c6-4e14-b807-8fc722f11a89
x-served-by: cache-cdg20741-CDG
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1581807

POST
H3 200 log Show response
play.google.com/ Frame A343 131 B
155 B 101ms
61ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 20:54:06 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
58ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Dec 2022 20:54:06 GMT
expires: Mon, 19 Dec 2022 20:54:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 242ms
242ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 242ms
241ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B737 930 B
2 KB 112ms
24ms Document
text/html 2600:9000:2057:8800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 168
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 20:51:18 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: OalAtg4kMcJlsc_qRITskbLnhKP1ojQEeBDc3XnC2L7YBABYZ2IVeg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 log Show response
play.google.com/ Frame A343 131 B
671 B 118ms
60ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 20:54:06 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 210ms
209ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 209ms
209ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 pay_google_full_size.svg
soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/ 1 KB
899 B 79ms
78ms Image
image/svg+xml 2600:9000:206e:fc00:11:7c4b:83c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/assets/payment_title/pay_google_full_size.svg
Requested by: Host: soutenir.msf.fr
URL: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fc00:11:7c4b:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bb8e18a44fe8e3e00cc762e041d7f1c0be38dedc05f0a91be7c2738d510d3be

Request headers

Referer: https://soutenir.msf.fr/themes/default/arya/dist/v2.3/arya.css?v=24
Origin: https://soutenir.msf.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
content-encoding: gzip
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 09:55:32 GMT
server: nginx
x-amz-cf-pop: VIE50-C1
etag: W/"637dee14-44e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: T4rT5nhDpzXWKL6HGahYhZnjACIeWvqY7i-uuZzhZEXFCxi6ingpsQ==

POST
H2 200 0 Show response
r.stripe.com/ Frame AEF2 0
127 B 202ms
201ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-39a8a49140224562346b85ec082c4ca2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Dec 2022 20:54:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame B737 0
344 B 161ms
161ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tracker.ubc-tracking.com
URL: https://tracker.ubc-tracking.com/?ref=MSFMED05&lf=53b8041bd9097e5bfab0a99e461a5645

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 20:54:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame B737 86 KB
14 KB 28ms
27ms Script
text/javascript 2600:9000:2057:8800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 20:50:50 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 198
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: UVu5re3go9nNj9XnXZIa5ORG9idfv9ZidqaflhysZ4KapqQVrxWlLQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame B737 156 B
523 B 525ms
178ms XHR
application/json 44.239.165.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.165.78 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-165-78.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d8ff0f4a3384c95aa442f0b4384b17fbc41b65379446b762dfc27dd2d8cddfd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 20:54:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
links.mdz01.fr/	1969-12-31 23:59:59	Name: TEMP_DATA Value: 9b8d4766-5498-4771-aa9c-a3e98571268b
links.mdz01.fr/	1969-12-31 23:59:59	Name: esg1 Value: ixe/LUh/cngVANiofDgAL5hX5ZNOcy/Fq/FXnM6/F/ae866b73
tracker.ubc-tracking.com/	1969-12-31 23:59:59	Name: JCMSFMED05 Value: 062653a2657a2807c884023f701d7a0f
.tracker.ubc-tracking.com/	1970-01-20 08:19:29	Name: CA1426 Value: 294618
.tracker.ubc-tracking.com/	1970-01-20 09:44:27	Name: C16 Value: 294618
soutenir.msf.fr/	1969-12-31 23:59:59	Name: dnt_amount Value: %7B%22amount%22%3A0%2C%22frequency%22%3A%22once%22%2C%22currency%22%3A%22EUR%22%2C%22amount_donation%22%3A0%2C%22amount_tip%22%3A0%7D
.google.com/	1970-01-20 12:41:34	Name: NID Value: 511=QDTFOa7x08dTAbVPIBsqE8_YiMPvMxmYN8HNsE7tQRxKoqntBS-l9xED70kTVlIhlhmbvFV2q0VLJtdeclPTozmzWd4N_la8raI84rYT5FQ2s2OoIeBLLUbvBRomw0TuR4WHdh5VGyA6qqqAUH-m-GBt6wtMj4l4fjx5hUwZSJs
.msf.fr/	1969-12-31 23:59:59	Name: wzuid Value: e9ad669b1852c2a4441
.msf.fr/	1969-12-31 23:59:59	Name: wzsid Value: 51e2f51a7b8b63a0cf6d
.msf.fr/	1969-12-31 23:59:59	Name: wzcnst Value: 3
.msf.fr/	1970-01-20 12:37:15	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Dec+19+2022+20%3A54%3A05+GMT%2B0000+(GMT)&version=6.27.0&isIABGlobal=false&hosts=&genVendors=&consentId=24392216-a0d3-4a3e-9914-4b9fe69c0d7a&interactionCount=0&landingPath=https%3A%2F%2Fsoutenir.msf.fr%2Fcfa-2022%2F~mon-don%3Fns_ira_cr_arg%3DIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMCdEPnT%252F%252BQjV16%252Ft%252FjYAfNuQGNrAydqzzBh6suXCrcXHatFrOh%252BEGL7ysqfgY0TnynxEpaUs6yv2mnP9b0URJzPJBA8UAerNcNIYgjJL%252B6SWPkcPhFMmSpqMnypF%252BCDVHomqbGjSxhoCap9xcrKUmPaE6KikS6bGNXgiZT1XsaNA%253D%253D%26utm_medium%3Demailing_prospecting%26utm_source%3Dubcmedia-K6J2BRIZPR%26utm_campaign%3DP22W10006%26_cv%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0
m.stripe.com/	1970-01-20 17:54:03	Name: m Value: c7036613-7415-4559-b109-4cbc7f28f271c444f4
.soutenir.msf.fr/	1970-01-20 17:03:39	Name: __stripe_mid Value: b78a4927-eeb4-4306-a959-2c39f2d2e11cf108a6
.soutenir.msf.fr/	1970-01-20 08:18:05	Name: __stripe_sid Value: d32b2556-4b1b-49ef-9ae3-94d76c8fec243cd52b

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
dcinfos-cache.abtasty.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
js.stripe.com
links.mdz01.fr
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
monitoring.iraiser.eu
pay.google.com
play.google.com
q.stripe.com
r.ar-mtch1.com
r.stripe.com
soutenir.msf.fr
t.wizaly.com
tracker.ubc-tracking.com
try.abtasty.com
ubc-offers.com
www.googletagmanager.com
www.gstatic.com
13.32.110.75
13.69.68.37
147.135.137.195
151.101.192.176
176.126.250.255
2600:9000:2057:8800:19:7d10:bd80:93a1
2600:9000:206e:fc00:11:7c4b:83c0:93a1
2600:9000:2104:3800:5:e00c:b700:93a1
2606:4700::6810:9440
2606:4700::6812:1b55
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4013:c07::5c
34.107.143.101
44.239.165.78
52.47.181.161
52.49.17.168
54.187.119.242
54.187.159.182
0bf188b6361615e5fb331062355c056f29c7458e3ac7b3beccf8cbc90aa805eb
1306483c1bea5b5c8b2c56d7ce711ef794860241a74f27bb20bb99ac04bb9ca0
17518bc23bde1110dc980b8a7b76148213072f8d368146047a7f2b98469b9dd5
1b0a8314caa36de66c55015682645450c951f1576f0109ba77b92d7652e3fca8
1c1b8b6d8d14b08fbbc6f1b23c0f5f3c19e853c345e4fb7338c19405696b5b9b
1c64b06046f59f32cec8d32c3b0208058d07fe0a926ca7e9a82ae3ee2088c5e0
1d04553dd0de028605a2407de8617be2771e3eaf431fab74d1d4abe868ea2ff4
1d6d9e026c3e3271569129f404d097c232122f9c2728ae25357561ca6a63b4f6
202178ee6a1a67355b7d98d6a60353221bdd167c3e397f60babd979af4ddf960
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
249e5b8d94463770e790d8f77f3be78c5eaf988b1620aec32ade2c34340b0563
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
27f4af2dd922b70eb219d7ab51ca7f6b0eedb7664bc9c077b62b5859aaa93cdb
2831592b8ccc081a0d8689b4bce9472abee28e93ae93481e93b59056229ca6c9
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
390402899eeb8f46a622f822869655dbbb74e32a430d1d59f97e0ab3711fb04d
39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0
3bb8e18a44fe8e3e00cc762e041d7f1c0be38dedc05f0a91be7c2738d510d3be
3dd135c77cfd213efdc4aecbdbae73547950e4583ff6a2abd18d8bd107c4c435
3e3e4dfb7b9c6e45c4c3510bb495c709d4334fa770502bdaee638f0323f7a5f8
3e96f957f3b933025d8abae96957af9c84f52d917765ca17d2147b2b6175b7c0
40c92f3f4dff5d46ac14fc30682dfbd18a622179eb254c45ac6066f83ab4b2c7
40f047455cdcbfb25686d4c606f7037fecd1a95b4a53e06754c287b30c1293f8
4273a9187cb6503119bdbcfd186f43f6aee527e53c60d93a0e9add105fdf35c4
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
54802cf593868e4306c6c828edce5eb96d2a2b1df749c5d9b77f7a831f6bd1ca
570307cf55ab0a86950ee2500c3ad8bead23b801070417923d9df4ae250f4df4
60b7417fecca912926f6bfa3a11c2e50d18e6c7490e759448cfb6feed573cf29
636a24e0391398042b024ed521d3193019c51b7df0a50e3b86e55b6aea8f58d1
64e56836e083250c795d6fc4fd222f30841bb90de0dcef675bb81c44d2f96e12
68c4f790e19defeadb13de6f9b406a7d4aeae16da42cf4d96d2093733991ca03
6f0593433f3de4bd66b04b2629ef0ae0423e30eedb295d6e9c16209b65afaee4
708f843d0fbf4223ac741b12257f7391be00b8c694ebe21c6da3bc2e187faa2c
7398868f4bdfc2f2d9783e1c21fa9dc7140a951d557924e1c638d12ce111052b
769fb521764ee953b2cefbc63fa8e214826d9020270e77e1f3dea99fecd61586
771dd7bb887ae9a272b92c8bc760398705c4255eb004d97741231e24e9e9bf6f
7d437016140b0f138384fe35d7e7bf278dfa1778e87af624b230752a351fe585
8427c71e46a97369ea55225a306c77b9b54450c66083533b7a135e3aa5702b2f
84fc54a73ed8523d42062af8881d8a4f3eed9ed80817f6fde74964844911ad1a
87e50b18ea5f3fb14f91c1b9af3c513a0effc364db4a7efb44fd135c9999f102
8842a9f3772453772e6c0c025f2b6d84714620c2146323ac63eb31d27ef97ed3
88b2a4cc02f82a0f86c23850e0b18f54e90a823e8f3c288ea2aa31268bdbc72d
899ef6cfbf8612754604cb4fe46d09b41e41f4d7961df109d827c2a58946ccb3
8dadae55c0f6f1b0632f1af8ff8aafef9f78bb0e9839657423ba6724657c0a7b
9080759f8df9cc79344d1a219beb77cc9c65d37b609b4e5aed5e6ebf7594ae8a
94ee0e97215c8f1db64eeb3e1948eefb73a8c5a1c4aead335ac2cc37374a4409
a1dcbb0da04d27c5dcd2de36e40befb7ec08f2a614afc694331b7a45d640c098
a384d1fc7d84b2fe1b1cb470193838a86a5c72d39268aed7825e2235285b5ef7
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa87b8787be863c04161b0a9f91ac7b3577c9a9f54c0210053e1c7966985f40a
ab8e2dd441a572a22fcc7ec205421e4fa218892d667ffd30804d0a5d2b1c8f1a
abc57ce25ffb0f237a09e2d87dc102688ec1217ea15c3b48052fffa2aac3fc1f
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b3548dafa241c122874dddfd56b905eee884f0e2ac9a9d6381c892d2d76d745d
b4b93a44ce619f9bc36b6ec16bb69dec6817695cb0593975e666dec0d0344aac
b8aa73dba7af1f822c830c259a3278db0606c9ed75f5f43f4472ac0dba5063d8
b95b7a9cadd01140ae044897ece39ddea0179063f54819b416c84c116373666b
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bd02f1ab8d7ddc6a44e01a2ec1819208b3bc74cb4b3f3630790962bf4db17ca4
bf3f8fc35359b7ab1f46bbcb2c62c6419567f356e6124d028ed9e2e0763870e6
c13acee58b35c538cacc4ab750084e84092016199ed35cfd223b34adeb16f68a
c32287fc05433b98db9cc6ad2ab1fe97de270779e86bf3dd7344a4d28399926d
c40e247365d8a712662ee4991f0a78a379be4dc429f8a85dba0a27e7764410e9
ca2da25ca733139ab1211bc78a116fdc99158a89c2cf9faa5d10d6fb9e09f213
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf65b60a457d9933d6e3c53a9e40dcf587d5a340c7867faf30d941aa88dc750a
cf8676ce47631fd69bb24cae918d96b92c836c5d938ca82679d6c4246a739285
d368020de68c5eceb0f43be7d07776ac1a4bbbf5c67f2fc08ceb38123f3882be
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8ff0f4a3384c95aa442f0b4384b17fbc41b65379446b762dfc27dd2d8cddfd5
d93f96d51139f0bae7ce109fca09678eb9234beae572d7dcb4bc4cb1120bdd61
d9f7a08c292348733ace758b5c4c741989b11e28fd3e8694fead6133ee1fd42f
dd31256cb75666d71675ee27842ac76189f8d00a192661dd3616d0526dddf467
df052e1a45676236e4a80e070c9882200613f0461d80290a1ea78c1552fa28f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e280f216f44c1f4d9908ed2122f108ab7d57a36a12527c5a3365db87dac165
e7f04716e5f316f3a4a1f88dc455a59d5fd949dfa4fdafa374c79257c3b62e80
e9cabdd0558241264fbf35d8b4fffcb906b13c8a584393dba138b1ed7f711206
ee58ff45b5b752fe10e64cc907c79c817a4f99757ca3cc14f847dc782c79966e
ee93d665f6dc272a96969eeb06a2f1d41fab80d9e08357ced220c1e161ea5868
f04d6f4e31655290294a18aff5e6d9174a2990f5550f1939f59c41f8cb451073
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f58fe8336c0f689d3f42e631e6eb118fead7a3663a4e21a2abc52adfe634b856
f5d74734bea0ddce22de686b8993918fc3c2b20460faf48be01fb7623e9a6c9e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6aea10072c8ffeda10ce1cf2c8d3abcd786a1ef50a5097dd1fd95fdae14d980
faaef27f8c7d99b5fb81b35fc2857afebc97e1ac94d3f899c72b8dd05edd4eb6
fb3dab6d97df8490b2eed9a51459e8ed4583057083f714008f1c796b368ffded
fb472630e98d7762c77ecd518310ed064241e339969fee462c9ad0da1f6411e8
fe55be898f7fbc7b7c57f227829c33244d9afe9ed0f2afd99836b8c6c45f2a0e

soutenir.msf.fr Open in urlscan Pro 2600:9000:206e:fc00:11:7c4b:83c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

100 %HTTPS

50 %IPv6

16 Domains

23 Subdomains

20 IPs

6 Countries

2802 kBTransfer

6860 kBSize

14 Cookies

6 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

soutenir.msf.fr Open in urlscan Pro
2600:9000:206e:fc00:11:7c4b:83c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

100 %
HTTPS

50 %
IPv6

16
Domains

23
Subdomains

20
IPs

6
Countries

2802 kB
Transfer

6860 kB
Size

14
Cookies

140 HTTP transactions
0 data transactions