secure.wp.co.de Open in urlscan Pro
2606:4700:3037::ac43:c2dc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.wp.co.de/
Submission: On February 12 via automatic, source certstream-suspicious (February 12th 2024, 1:57:52 am UTC) — Scanned from DE

Summary HTTP 233 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 21 domains to perform 233 HTTP transactions. The main IP is 2606:4700:3037::ac43:c2dc, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.wp.co.de.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.

This is the only time secure.wp.co.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::ac43:c2dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.0.78.203 192.0.78.203	2635 (AUTOMATTIC) (AUTOMATTIC)
44	2606:4700:440... 2606:4700:4400::6812:2197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9af8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 31	2606:4700::68... 2606:4700::6810:4387	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
34	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
4	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	18.173.154.79 18.173.154.79	() ()
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	99.84.88.12 99.84.88.12	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
13	54.187.119.242 54.187.119.242	() ()
5	2a00:1450:400... 2a00:1450:400c:c0c::5c	15169 (GOOGLE) (GOOGLE)
4	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	198.202.176.201 198.202.176.201	() ()
2	2600:9000:26d... 2600:9000:26da:fe00:19:7d10:bd80:93a1	() ()
6	2a00:1450:400... 2a00:1450:4001:806::200e	() ()
233	30

1 2606:4700:3037::ac43:c2dc (United States)

ASN13335 (CLOUDFLARENET, US)

secure.wp.co.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.78.203 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

aul.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:4700:4400::6812:2197 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-dmecc.nitrocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9af8 (United States)

ASN13335 (CLOUDFLARENET, US)

nitroscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700::6810:4387 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

raisedonors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.79 (United States)

ASN- ()
PTR: server-18-173-154-79.muc50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.virtuoussoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-12.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.187.119.242 (None, )

ASN- ()

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.202.176.201 (United States)

ASN- ()

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:fe00:19:7d10:bd80:93a1 (None, )

ASN- ()

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200e (None, )

ASN- ()

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	stripe.com js.stripe.com — Cisco Umbrella Rank: 1172 q.stripe.com merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5166 r.stripe.com Failed m.stripe.com Failed	2 MB
44	nitrocdn.com cdn-dmecc.nitrocdn.com	420 KB
31	raisedonors.com 1 redirects raisedonors.com — Cisco Umbrella Rank: 851442	274 KB
15	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2648 play.google.com	459 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	590 KB
6	paypal.com www.paypal.com — Cisco Umbrella Rank: 2979 t.paypal.com — Cisco Umbrella Rank: 3519	87 KB
4	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2624	35 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 586 region1.google-analytics.com — Cisco Umbrella Rank: 2173 www.google-analytics.com — Cisco Umbrella Rank: 27	38 KB
4	virtuoussoftware.com cdn.virtuoussoftware.com — Cisco Umbrella Rank: 146128 tpx.virtuoussoftware.com Failed	5 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	312 KB
4	aul.org aul.org	98 KB
2	stripe.network m.stripe.network	16 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 1019	59 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 80	345 B
1	wp.com pixel.wp.com — Cisco Umbrella Rank: 2788	178 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 782	7 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14126	45 KB
1	nitroscripts.com nitroscripts.com — Cisco Umbrella Rank: 17553	11 KB
1	co.de secure.wp.co.de	672 B
0	stripecdn.com Failed b.stripecdn.com Failed
233	21

	Domain	Requested by
44	cdn-dmecc.nitrocdn.com	aul.org
34	js.stripe.com	raisedonors.com js.stripe.com
31	raisedonors.com	1 redirects aul.org raisedonors.com secure.wp.co.de
13	q.stripe.com	secure.wp.co.de
8	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
6	play.google.com	www.gstatic.com
5	pay.google.com	js.stripe.com pay.google.com secure.wp.co.de www.gstatic.com
4	www.paypalobjects.com	www.paypal.com www.paypalobjects.com raisedonors.com
4	cdn.virtuoussoftware.com	aul.org raisedonors.com cdn.virtuoussoftware.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com raisedonors.com
4	www.google.com	raisedonors.com www.gstatic.com www.google.com
4	www.googletagmanager.com	raisedonors.com aul.org www.googletagmanager.com
4	www.paypal.com	raisedonors.com www.paypal.com www.paypalobjects.com
4	aul.org	secure.wp.co.de aul.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	merchant-ui-api.stripe.com	js.stripe.com
2	t.paypal.com	raisedonors.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	raisedonors.com js.stripe.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	aul.org
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	aul.org
1	ssl.google-analytics.com	aul.org
1	static.hotjar.com	aul.org
1	static.cloudflareinsights.com	raisedonors.com
1	cdn.plaid.com	raisedonors.com
1	nitroscripts.com	aul.org
1	secure.wp.co.de
0	m.stripe.com Failed	m.stripe.network
0	b.stripecdn.com Failed	js.stripe.com
0	tpx.virtuoussoftware.com Failed	cdn.virtuoussoftware.com
0	r.stripe.com Failed	js.stripe.com
233	33

This site contains no links.

Subject Issuer	Validity	Valid
wp.co.de GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
tls.automattic.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
nitrocdn.com Cloudflare Inc ECC CA-3	`2023-12-25` - `2024-03-24`	3 months	crt.sh
nitroscripts.com GTS CA 1P5	`2024-01-04` - `2024-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-23` - `2024-06-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-01-24` - `2024-08-21`	7 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni1c0fgl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-03` - `2024-08-02`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://secure.wp.co.de/
Frame ID: DCD6E37C5172AC6A46AC68D0D9B3BC24
Requests: 1 HTTP requests in this frame

Frame: https://aul.org/give/
Frame ID: 83D618CD10F4BA0273486981752C9DDA
Requests: 91 HTTP requests in this frame

Frame: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
Frame ID: 9EBE04AEE10190D30ED3A61402E66642
Requests: 53 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
Frame ID: 0DF157FEE14F1350AF5B8897CC12D1CF
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html
Frame ID: ED63DCB085A7EAE162E624FCE9A3C3A7
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
Frame ID: A401C5D0CE8D1600672D0842CD92A692
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-6ed0dad2f7bcedfc54af156fdc78405e.html
Frame ID: 0D2083C334CFDDC6BCFDAA26A1B44EF8
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-dfdedcdd20b87aa34dc351dae57e7bb2.html
Frame ID: 98F81286F272775B9123E5395A6A8C0F
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 746C9AF8D70B48EE37F611C6D69C9C36
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 4119E320BDD371B919F7F27F4A547B02
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 3C41E2CF56EF113BCD17FB1D3456B217
Requests: 4 HTTP requests in this frame

Frame: https://raisedonors.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 4A2D44D8146CFF19F490867BB5509C97
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLxlshAAAAAIrT1UFURK-Th2YG8F7JEuKq3OpM&co=aHR0cHM6Ly9yYWlzZWRvbm9ycy5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=nzpw0cqec8td
Frame ID: 5A2A4794EE47FD10E3D0AD1179BFE699
Requests: 8 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.422&components.0=buttons&components.1=funding-eligibility&components.2=marks&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU0bVRFeUgwMEpMVnEwNTM5c2hvUndMb21UNmQyZlV5M1ljWDFZS184dm9ETUk2X0ctSnpNV3JjYnpyanRGSzJsMTdhSG9iVkpNeFd6UEImY3VycmVuY3k9VVNEJmludGVudD1hdXRob3JpemUmY29tcG9uZW50cz1idXR0b25zLG1hcmtzLGZ1bmRpbmctZWxpZ2liaWxpdHkmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF94a3Vzb2hycGxpdWVpZmppc3lna2l6Znd5dWdoYmcifX0&clientID=AU4mTEyH00JLVq0539shoRwLomT6d2fUy3YcX1YK_8voDMI6_G-JzMWrcbzrjtFK2l17aHobVJMxWzPB&sdkCorrelationID=f520921f20d63&storageID=uid_1ddf930dde_mde6ntc6nte&sessionID=uid_62759c1c85_mde6ntc6nte&buttonSessionID=uid_76d02d41a7_mde6ntc6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=authorize&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&clientMetadataID=uid_62759c1c85_mde6ntc6nte&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
Frame ID: 15F9B05247E2450DB5E51D56811AC400
Requests: 3 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 85AE47B637AAA59A88B27EB4F8C30EF7
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 22AA3CDD2DC4B50C98D455B464D86A30
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-c10b20cb7bb79ba6109867b6ab377961.html
Frame ID: 67F61F1D48DD398566D092B034238C37
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html
Frame ID: F4C13732926308882C801F8964043F14
Requests: 6 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.10/HCaptchaInvisible.html?id=771c42b0-6998-49e3-bf26-bbd981190e0c&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: 5A58812366EB66FA26B3D3CF6E989C7B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure AUL Giving

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

233
Requests

80 %
HTTPS

62 %
IPv6

21
Domains

33
Subdomains

30
IPs

3
Countries

4035 kB
Transfer

13690 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 188

https://raisedonors.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://raisedonors.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

233 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure.wp.co.de/ 190 B
672 B 1184ms
630ms Document
text/html 2606:4700:3037::ac43:c2dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.wp.co.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c2dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

082af8c0b4fcf99a055d205651d14c4a6c4d257176e0d5ace9c98f6093749622

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8541390e0cff7968-NRT
content-encoding: br
content-type: text/html
date: Mon, 12 Feb 2024 01:57:48 GMT
last-modified: Mon, 12 Feb 2024 01:00:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unsRKj8igdvqYf0jYMp9ViQZNYsQ%2B4tNagQMlX6LIQVNXdL%2BrsIfh88QuXz%2FV4MJpNAYceP6NsozFwWdQ4AVb0ak1NfXU1ng0eKWvK1dhoXqdpg3ILPe%2Ba4qvvUptd462TXnaxibOCjwEmtiMaw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed

GET
H2 200 / Show response
aul.org/give/ Frame 83D6 210 KB
48 KB 541ms
439ms Document
text/html 192.0.78.203
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://aul.org/give/

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.203 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b2410dc83ade49be2868fcf4f3ebda1d448d9ea9c55361a8bed919b6615137f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://secure.wp.co.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 01:57:48 GMT
host-header: WordPress.com
last-modified: Mon, 12 Feb 2024 01:57:48 GMT
link: <https://cdn-dmecc.nitrocdn.com>; rel=preconnect <https://aul.org/wp-json/>; rel="https://api.w.org/" <https://aul.org/wp-json/wp/v2/pages/40347>; rel="alternate"; type="application/json" <https://wp.me/Pala5d-auL>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie user-agent
x-ac: 2.hhn _atomic_ams BYPASS
x-cache-ctime: 1707109727
x-hacker: Want root? Visit join.a8c.com and mention this header.
x-nananana: Batcache-Set
x-nitro-cache: HIT
x-nitro-cache-from: plugin
x-nitro-rev: 1f637fa

GET
H2 200 arimo-v25-latin-regular.woff2
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/ Frame 83D6 10 KB
10 KB 125ms
68ms Font
application/font-woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/arimo-v25-latin-regular.woff2
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f789fbd28a77ad55d513777b1d5bf740971be4efd5b5afe04f5ee3e813c96a1

Request headers

Referer: https://aul.org/
Origin: https://aul.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:25 GMT
server: cloudflare
etag: "65c02a41-2794"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 854139152e1d5902-TXL
link: <https://aul.org/wp-content/themes/aul2022/fonts/arimo-v25-latin-regular.woff2>; rel="canonical"
content-length: 9988
alt-svc: h3=":443"; ma=86400

GET
H2 200 arimo-v25-latin-700.woff2
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/ Frame 83D6 10 KB
10 KB 109ms
52ms Font
application/font-woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/arimo-v25-latin-700.woff2
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6fb92afd631c07f3234723f9cdb942832dc94cf4576de516da2ca63336ced6a

Request headers

Referer: https://aul.org/
Origin: https://aul.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:25 GMT
server: cloudflare
etag: "65c02a41-27a4"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 854139152e1e5902-TXL
link: <https://aul.org/wp-content/themes/aul2022/fonts/arimo-v25-latin-700.woff2>; rel="canonical"
content-length: 10008
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK d3a55b65-553f-4635-af32-ef0aaa377c28
https://aul.org/ Frame 83D6 824 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/d3a55b65-553f-4635-af32-ef0aaa377c28
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 824
Content-Type: text/javascript

GET
H2 200 lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm Show response
nitroscripts.com/generic/ Frame 83D6 34 KB
11 KB 442ms
388ms Script
text/javascript 2606:4700:4400::ac40:9af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nitroscripts.com/generic/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9af8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08b4aaa60f6c15976f65c7df818fbbb3fd6672fcb6a1e6d13872848d609f759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 01:57:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600, stale-while-revalidate=31536000
cf-ray: 85413915486058e4-TXL

GET
DATA 200
OK truncated
/ Frame 83D6 91 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fc410b679d90897e3f8ec9e8a64e3fb699912d30122676c6dc257777034e615

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63f21f17cf6e41efcf6e60880f32255c03353fe95e2a44444324f54c5bc0c826

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 91 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fc410b679d90897e3f8ec9e8a64e3fb699912d30122676c6dc257777034e615

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4735fb186005bd963d9faaed72d629dd52e23f2ffbf15a858db21c354261b121

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 x-logo.svg
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/images/optimized/rev-fc2e483/aul.org/wp-content/themes/aul2022/images/icons/ Frame 83D6 430 B
575 B 93ms
55ms Image
image/svg+xml 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/images/optimized/rev-fc2e483/aul.org/wp-content/themes/aul2022/images/icons/x-logo.svg
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd46f96b6f47fcd33683b79ddfaf3daca1d4f8aeba3c0f2bde1584c69cc699d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-229"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 85413915396d4480-TXL
link: <https://aul.org/wp-content/themes/aul2022/images/icons/x-logo.svg>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H2 200 0b5c03d11b58d596cc79b68398bc585c.icomoon.woff2
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/ Frame 83D6 1 KB
1 KB 96ms
69ms Font
application/font-woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/0b5c03d11b58d596cc79b68398bc585c.icomoon.woff2
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ba190dced0cd523211385c8346770b28fcd3670476854297483a815d2cb4ce

Request headers

Referer: https://aul.org/
Origin: https://aul.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:25 GMT
server: cloudflare
etag: "65c02a41-4b7"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 854139152e225902-TXL
link: <https://aul.org/wp-content/themes/aul2022/fonts/icomoon.woff2?61abae>; rel="canonical"
content-length: 1072
alt-svc: h3=":443"; ma=86400

GET
H2 200 eb-garamond-v24-latin-700.woff2
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/ Frame 83D6 21 KB
22 KB 77ms
50ms Font
application/font-woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/eb-garamond-v24-latin-700.woff2
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59fa14fd1be6338281d64b9e0fe709b26876892d598eb3fe2eb10c253af59bf

Request headers

Referer: https://aul.org/
Origin: https://aul.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:25 GMT
server: cloudflare
etag: "65c02a41-55a6"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 854139152e1f5902-TXL
link: <https://aul.org/wp-content/themes/aul2022/fonts/eb-garamond-v24-latin-700.woff2>; rel="canonical"
content-length: 21780
alt-svc: h3=":443"; ma=86400

GET
H2 200 eb-garamond-v24-latin-regular.woff2
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/ Frame 83D6 20 KB
20 KB 78ms
51ms Font
application/font-woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/eb-garamond-v24-latin-regular.woff2
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e2e4f3925ac951585a8e9a50a38861646106b56c059d111b80da01eb5976d5

Request headers

Referer: https://aul.org/
Origin: https://aul.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:25 GMT
server: cloudflare
etag: "65c02a41-508e"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 854139152e215902-TXL
link: <https://aul.org/wp-content/themes/aul2022/fonts/eb-garamond-v24-latin-regular.woff2>; rel="canonical"
content-length: 20472
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 339be152a2399ee136d14d580bf4af802532288abd004db246c63f264d6b7e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 339be152a2399ee136d14d580bf4af802532288abd004db246c63f264d6b7e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f02651797a845b42781199e025c8a967306f86229a3bd3d47933f74fd7e7780

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 arimo-v25-latin-italic.woff2
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/ Frame 83D6 11 KB
11 KB 70ms
53ms Font
application/font-woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/arimo-v25-latin-italic.woff2
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bc32bb5e7ae682a349417150239aa22f5f6f6029230f2f765d0412867ef6caf

Request headers

Referer: https://aul.org/
Origin: https://aul.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:25 GMT
server: cloudflare
etag: "65c02a41-2b6b"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 854139152e245902-TXL
link: <https://aul.org/wp-content/themes/aul2022/fonts/arimo-v25-latin-italic.woff2>; rel="canonical"
content-length: 10972
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0214dfcaca56861b7c92d54ca27603d803ad59aa64ff2c15d44f2855713979ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0214dfcaca56861b7c92d54ca27603d803ad59aa64ff2c15d44f2855713979ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0214dfcaca56861b7c92d54ca27603d803ad59aa64ff2c15d44f2855713979ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0214dfcaca56861b7c92d54ca27603d803ad59aa64ff2c15d44f2855713979ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63f21f17cf6e41efcf6e60880f32255c03353fe95e2a44444324f54c5bc0c826

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0214dfcaca56861b7c92d54ca27603d803ad59aa64ff2c15d44f2855713979ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 83D6 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0214dfcaca56861b7c92d54ca27603d803ad59aa64ff2c15d44f2855713979ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 arimo-v25-latin-700italic.woff2
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/ Frame 83D6 11 KB
11 KB 76ms
66ms Font
application/font-woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/source/rev-1f637fa/aul.org/wp-content/themes/aul2022/fonts/arimo-v25-latin-700italic.woff2
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f687253384db21f3f1b42df9ae9f8831102c777c0eeb995c322106d950de418

Request headers

Referer: https://aul.org/
Origin: https://aul.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:25 GMT
server: cloudflare
etag: "65c02a41-2b4a"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 854139152e205902-TXL
link: <https://aul.org/wp-content/themes/aul2022/fonts/arimo-v25-latin-700italic.woff2>; rel="canonical"
content-length: 10936
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 83D6 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e03be949642d58ff54506feed064bf07bbb2a5747f6b2d4ebf451aff85ce327

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 donation-page Show response
raisedonors.com/americansunitedforlife/ Frame 9EBE 83 KB
39 KB 675ms
614ms Document
text/html 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12a3d81034186b0940fa1445649ff565514f1e3f5a03a0baae205e0dd48b4a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aul.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 854139164e8058de-TXL
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:49 GMT
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 logo.svg
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/images/optimized/rev-fc2e483/aul.org/wp-content/themes/aul2022/images/ Frame 83D6 13 KB
5 KB 53ms
52ms Image
image/svg+xml 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/images/optimized/rev-fc2e483/aul.org/wp-content/themes/aul2022/images/logo.svg
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9662a2ca585c0c1ab55628dc1fb609eec2d5cdc357cefce5bd59a7fd9f524879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:15 GMT
server: cloudflare
etag: W/"65c02a37-3621"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 85413915e9f94480-TXL
link: <https://aul.org/wp-content/themes/aul2022/images/logo.svg>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H2 200 Give-pro-life-group-Mother-Daughter.png
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/images/optimized/rev-fc2e483/aul.org/wp-content/uploads/2022/09/ Frame 83D6 44 KB
44 KB 59ms
59ms Image
image/webp 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/images/optimized/rev-fc2e483/aul.org/wp-content/uploads/2022/09/Give-pro-life-group-Mother-Daughter.png
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50b8f84b7753aaa8dd13d6070e17f2c39faf67d5c69220068ab4153497a3edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 05:08:35 GMT
server: cloudflare
etag: "65c06d53-b137"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 85413915e9f84480-TXL
link: <https://aul.org/wp-content/uploads/2022/09/Give-pro-life-group-Mother-Daughter.png>; rel="canonical"
content-length: 45230
alt-svc: h3=":443"; ma=86400

GET
H2 200 master.css
raisedonors.com/css/donation/ Frame 9EBE 144 KB
26 KB 154ms
152ms Stylesheet
text/css 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/css/donation/master.css

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1af30e31c72c05af66a8b73b2aa7a024c7ba2459b7c963ca6a39ab621fe4094

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=148616
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 15 May 2023 19:24:02 GMT
server: cloudflare
etag: W/"e3787ce6287d91:0"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391a399f58de-TXL
expires: Mon, 12 Feb 2024 02:27:49 GMT

GET
H2 200 master-min-width.css
raisedonors.com/css/donation/ Frame 9EBE 3 KB
819 B 159ms
158ms Stylesheet
text/css 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/css/donation/master-min-width.css

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba6e23139b4682a6d8a8de77d38b3c8b44afbdee419762340e15447cdc82023

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=3104
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 14:46:46 GMT
server: cloudflare
etag: W/"89bcecb3a5bd91:0"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391a39a258de-TXL
expires: Mon, 12 Feb 2024 02:27:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9EBE 6 KB
1 KB 155ms
55ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700&display=swap

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 01:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 01:57:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 01:57:49 GMT

GET
H2 200 stripe-elements.css
raisedonors.com/css/donation/ Frame 9EBE 3 KB
998 B 148ms
147ms Stylesheet
text/css 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/css/donation/stripe-elements.css

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea56af5464914be26afbdde0f37b0621382a3136717ddf9f7d07d1b32368d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=3107
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 23:31:07 GMT
server: cloudflare
etag: W/"3204f34d1e5d91:0"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391a39a358de-TXL
expires: Mon, 12 Feb 2024 02:27:49 GMT

GET
H2 200 iframeSizer-in-page.min.js Show response
raisedonors.com/js/donation/ Frame 9EBE 14 KB
5 KB 150ms
149ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/iframeSizer-in-page.min.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8cf11fb0206805c341cf15243f44e92d294b6070d6924993eee63edb91a11c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 03 Dec 2019 16:59:20 GMT
server: cloudflare
etag: W/"d23dd11fba9d51:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391a39a658de-TXL
expires: Mon, 12 Feb 2024 02:27:49 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 9EBE 592 KB
165 KB 99ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6c93df9a115ee393c2c21092ca22f0282c7b28e1b02086ab72d6efde86245ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:49 GMT
via: 1.1 varnish
age: 26
x-cache: HIT
content-length: 168211
x-request-id: 2b2633ee-d429-4ea8-9d91-62634b6af7c5
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:38:10 GMT
server: Fastly
etag: "5b7820a46133cf63de46954bbcb7c5cb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 9EBE 298 KB
81 KB 698ms
623ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AU4mTEyH00JLVq0539shoRwLomT6d2fUy3YcX1YK_8voDMI6_G-JzMWrcbzrjtFK2l17aHobVJMxWzPB&currency=USD&intent=authorize&components=buttons,marks,funding-eligibility&enable-funding=venmo

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9d4a878e83049dedff9e7ad170c2c1f39f7fa423671d59fa2d623849b84457e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-1GgJETFu1VZcYV46ppyQpXAn5c8Mnyo1khxZKSCOIwToa1xs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-1GgJETFu1VZcYV46ppyQpXAn5c8Mnyo1khxZKSCOIwToa1xs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-1GgJETFu1VZcYV46ppyQpXAn5c8Mnyo1khxZKSCOIwToa1xs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-1GgJETFu1VZcYV46ppyQpXAn5c8Mnyo1khxZKSCOIwToa1xs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Mon, 12 Feb 2024 01:57:50 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f77621780c168
server-timing: "traceparent;desc="00-0000000000000000000f77621780c168-0252499ef7240054-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 81087
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230091-FRA, cache-fra-eddf8230091-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f77621780c168-8d7592f856013189-01
x-timer: S1707703070.871804,VS0,VE594
etag: W/"13cbf-7NGRWYXUOSEzedGSINZNhNbQdfA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 paypal-elements.css
raisedonors.com/css/donation/ Frame 9EBE 1 KB
528 B 475ms
474ms Stylesheet
text/css 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/css/donation/paypal-elements.css

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0437c73712c406b350d5dc1154b998ed850634e2d298baea405aecb550d8fe98

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=1098
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 07 Apr 2023 16:46:24 GMT
server: cloudflare
etag: W/"e94c947d7069d91:0"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391a39a558de-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9EBE 275 KB
92 KB 166ms
66ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZW7V09F20F

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d613b424537e343148e3fb0bcd1a4a8cf1b6cb88b3e20f4b3a07538a18f30e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 01:57:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 9EBE 1 KB
1 KB 162ms
57ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfLxlshAAAAAIrT1UFURK-Th2YG8F7JEuKq3OpM

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

04f257cb8e739e1a691315c1702e4561478ff6708b0dd43447fe2d5b9928dd8c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 12 Feb 2024 01:57:49 GMT

GET
H3 200 master-max-width.css
raisedonors.com/css/donation/ Frame 9EBE 3 KB
1 KB 480ms
479ms Stylesheet
text/css 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/css/donation/master-max-width.css

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b74ca24dae2a0879a87065ef531d4aabce64ef298f43cb9d2b33976d74ad184

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=2825
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 14:46:46 GMT
server: cloudflare
etag: W/"89bcecb3a5bd91:0"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391ef87a58d8-TXL
expires: Mon, 12 Feb 2024 02:27:51 GMT

GET
H2 200 rd-footer-logo@1x.png
raisedonors.com/img/ Frame 9EBE 302 B
554 B 145ms
144ms Image
image/webp 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisedonors.com/img/rd-footer-logo@1x.png

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51718c08ac1ee90b97121d41b07ca77129517943edbf8d3c0d9245447ecacb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=471
content-disposition: inline; filename="rd-footer-logo@1x.webp"
alt-svc: h3=":443"; ma=86400
content-length: 302
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Tue, 03 Dec 2019 16:54:19 GMT
server: cloudflare
etag: "b2f3664efaa9d51:0"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
accept-ranges: bytes
cf-ray: 8541391a39a758de-TXL
expires: Mon, 12 Feb 2024 02:27:49 GMT

GET
H2 200 font-awesome.css
raisedonors.com/css/donation/ Frame 9EBE 2 KB
609 B 165ms
165ms Stylesheet
text/css 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/css/donation/font-awesome.css

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b3679bc42dc633c9e1c6211e6af851fea08700dda02090c40651e33e88399b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=1572
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 27 Oct 2021 21:50:07 GMT
server: cloudflare
etag: W/"45a8399b7ccbd71:0"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391a39a858de-TXL
expires: Mon, 12 Feb 2024 02:27:49 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
raisedonors.com/js/ Frame 9EBE 87 KB
32 KB 155ms
155ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/jquery-3.5.1.min.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 19:40:21 GMT
server: cloudflare
etag: W/"5851eba350c7d61:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391b1ddf58d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 popper-1.14.7.min.js Show response
raisedonors.com/js/ Frame 9EBE 24 KB
8 KB 146ms
146ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/popper-1.14.7.min.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1dcedd768d865304dfe956bf03b60bfdef910af5801ef4bacbaa45935e29aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Jul 2020 18:25:42 GMT
server: cloudflare
etag: W/"565b3b7d54fd61:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391b6e0c58d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 bootstrap-4.3.1.min.js Show response
raisedonors.com/js/ Frame 9EBE 57 KB
16 KB 148ms
148ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/bootstrap-4.3.1.min.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf828e0b8c2dabec1bf8a0c339c6341055e5f38d587a9ed7fbdca5e5b051053

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Jul 2020 18:25:42 GMT
server: cloudflare
etag: W/"155e277d54fd61:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391c3e7858d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 moment-2.24.0.min.js Show response
raisedonors.com/js/ Frame 9EBE 52 KB
18 KB 150ms
149ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/moment-2.24.0.min.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Jul 2020 18:25:42 GMT
server: cloudflare
etag: W/"5ebe317d54fd61:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391c5e8c58d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 parsley.min.js Show response
raisedonors.com/js/donation/ Frame 9EBE 42 KB
13 KB 154ms
154ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/parsley.min.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ec7ecc6550b3e5433a82e203186b93922accbdd828b64d773115f55c4849775

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 03 Dec 2019 16:54:20 GMT
server: cloudflare
etag: W/"a027fd4efaa9d51:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391d2f3e58d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 functions.js Show response
raisedonors.com/js/donation/ Frame 9EBE 3 KB
1 KB 480ms
479ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/functions.js?v=1.56.0.0

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd2e545c3495b80d070e6b49e00e9b3206cc9018b5d0457f403a5884b1e3240

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=3782
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 17:54:47 GMT
server: cloudflare
etag: W/"9fc9bc969afd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391d4f5658d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 main.min.js Show response
raisedonors.com/js/donation/ Frame 9EBE 22 KB
4 KB 146ms
145ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/main.min.js?v=1.56.0.0

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4610645b1245a36f01a7d579bd6aace0985b94a517646b560baf99d92fbefbbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Mar 2023 14:46:47 GMT
server: cloudflare
etag: W/"15d1decb3a5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391e1fec58d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 classic.min.js Show response
raisedonors.com/js/payment/stripe/ Frame 9EBE 21 KB
5 KB 489ms
488ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/payment/stripe/classic.min.js?v=1.43.0.0

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6d3be47ba8883065b9b91b899ecdd4cbab3176d5f8183f28610fb36dd6ccdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 Nov 2023 15:41:33 GMT
server: cloudflare
etag: W/"3050ebe04716da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391ef87258d8-TXL
expires: Mon, 12 Feb 2024 02:27:51 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 9EBE 147 KB
45 KB 192ms
87ms Script
application/javascript 18.173.154.79

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.79 , United States, ASN (),
Reverse DNS: server-18-173-154-79.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53aedf76966c997ecfeae51dcf419275dbe370c19d647f54334d2c9b195bcae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: GZwV4RbccIB8ocIikHG6fzUzzDB0HqWx
content-encoding: gzip
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
date: Mon, 12 Feb 2024 01:57:50 GMT
x-amz-request-id: 6PX9MY8WDGB8K3EZ
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
age: 375
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: JNElsi3bEiRmI1eCMxq3FODTva3CFAiXZRyx8lnq/9B4VtcghsTUN2QyLBfe7L7hQ3Xppdlz5Kg=
last-modified: Thu, 08 Feb 2024 21:19:47 GMT
server: AmazonS3
etag: W/"d91d8312bf0c542b450fef6225a5bbcf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: pTs5dMb3as7jYV2pr89hyRoUTl4aOuil_XrOmCigQxZjZjpTzYcTUA==

GET
H3 200 functions.min.js Show response
raisedonors.com/js/payment/plaid/ Frame 9EBE 3 KB
1 KB 153ms
152ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/payment/plaid/functions.min.js?v=1.43.0.0

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dd3c98473cbaf2a8262fa7028a79152979081943add46624ad307bbf9e46043

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Mar 2023 14:46:47 GMT
server: cloudflare
etag: W/"55e6f8cb3a5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391ef87458d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 alt-payments.min.js Show response
raisedonors.com/js/payment/stripe/ Frame 9EBE 19 KB
5 KB 151ms
150ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/payment/stripe/alt-payments.min.js?v=1.43.0.0

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab00559856e8577ade8b90890d5dbc0c015b861f591c70f1ca740121b916c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 15 Jan 2024 18:12:37 GMT
server: cloudflare
etag: W/"9381576bde47da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391ef87558d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 stripe.classic.min.js Show response
raisedonors.com/js/donation/ Frame 9EBE 13 KB
2 KB 150ms
149ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/stripe.classic.min.js?v=1.43.0.0

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f977f7407c2373f19caa9835356ccce3c6cc5957a9affdf1fe9f6643617a90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 15:48:11 GMT
server: cloudflare
etag: W/"90f7b3a611cda1:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391ef87658d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 paypal-payment.js Show response
raisedonors.com/js/donation/ Frame 9EBE 6 KB
2 KB 473ms
472ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/paypal-payment.js?v=1.43.0.0

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6ab68533e15f6ec00ff0d9cdece5099e680a71d1f89dc765a9b08585ba7c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=11640
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 07 Apr 2023 16:46:24 GMT
server: cloudflare
etag: W/"15b0967d7069d91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391ef87758d8-TXL
expires: Mon, 12 Feb 2024 02:27:51 GMT

GET
H3 200 honor-memory.min.js Show response
raisedonors.com/js/donation/options/ Frame 9EBE 6 KB
1 KB 146ms
145ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/options/honor-memory.min.js?v=1.0.1

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e73f8f9d8236d08586f15cad4a33367bd427086143bcff1a76ce9e166c5c52e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Oct 2021 21:50:07 GMT
server: cloudflare
etag: W/"cbde439b7ccbd71:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391ef87858d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H3 200 iframeResizer.contentWindow.min.js Show response
raisedonors.com/js/donation/embed/ Frame 9EBE 14 KB
6 KB 149ms
147ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/embed/iframeResizer.contentWindow.min.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ffcc74dfe4aa0a896a2569c916647bbe690c4c1e789468baf21eaa7c528ae97

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Oct 2021 21:50:07 GMT
server: cloudflare
etag: W/"df34429b7ccbd71:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391ef87958d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H2 200 autocomplete.min.js Show response
raisedonors.com/js/donation/options/smartystreets/ Frame 9EBE 5 KB
1 KB 150ms
150ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/options/smartystreets/autocomplete.min.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba1723c67552195c15a49627cf39083f1b47f3bbb43e37326c7970eb8cb376b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
Origin: https://raisedonors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Sep 2022 23:10:41 GMT
server: cloudflare
etag: W/"b5d2538a21cad81:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391a39a958de-TXL
expires: Mon, 12 Feb 2024 02:27:49 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 9EBE 20 KB
7 KB 85ms
48ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://raisedonors.com/
Origin: https://raisedonors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8541391f3e792681-TXL

GET
H3 200 nitro-min-noimport-4f327673dbb4c17ab03639d3d05e67d6-stylesheet.css
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/ Frame 83D6 16 KB
3 KB 55ms
55ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/nitro-min-noimport-4f327673dbb4c17ab03639d3d05e67d6-stylesheet.css
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0bf8c14473b638e5983e892b82395cc71a4b702ebc1d7bb494431d144537633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-3e5d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391e7f414534-TXL
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-noimport-7dd05f839e77e4cad3ce5f39c8acd755-stylesheet.css
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/ Frame 83D6 111 KB
15 KB 56ms
55ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/nitro-min-noimport-7dd05f839e77e4cad3ce5f39c8acd755-stylesheet.css
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 047fc91657b811cf7aa56db521a73b8b7f7213ccd66ae48fe49d6fc0e03c9afb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1bd29"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391e7f424534-TXL
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-noimport-58ab1be32fdc292c774e79962dd57620-stylesheet.css
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/ Frame 83D6 402 KB
50 KB 71ms
71ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/nitro-min-noimport-58ab1be32fdc292c774e79962dd57620-stylesheet.css
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5079ee53fb15f820a8280ed3ce8cf896d053a228f8d44e39992d9b75dae8825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-646c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391e7f434534-TXL
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-noimport-457a69847124c56cd6786991f49a28d0-stylesheet.css
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/ Frame 83D6 2 KB
555 B 51ms
51ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/nitro-min-noimport-457a69847124c56cd6786991f49a28d0-stylesheet.css
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c2c58d2e8414378407dfa3e9f1d38fb5f9aac4ff16711bcd28578d4177ebb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-7d7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391e7f444534-TXL
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-noimport-149b2f33ba03cfcb65c97dc853132ad4-stylesheet.css
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/ Frame 83D6 506 KB
72 KB 88ms
88ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/nitro-min-noimport-149b2f33ba03cfcb65c97dc853132ad4-stylesheet.css
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a41dc0fa8ead56ab2f0b42f5844ea6cfe215b1b3bdacbd4e4f66e3a27f756d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-7e852"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391e7f454534-TXL
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-noimport-7a121a0982bb4faa69f4652d5c996688-stylesheet.css
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/ Frame 83D6 12 KB
3 KB 52ms
52ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/combinedCss/nitro-min-noimport-7a121a0982bb4faa69f4652d5c996688-stylesheet.css
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec67497d2aa84546d6d191449c2fa7eab10fbd192d9444fc4c259a31c70f21d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-3199"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391e7f464534-TXL
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-noimport-3f30cc7d6709355162cf060dae719ab0-stylesheet.css
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/externalFontFace/ Frame 83D6 1 KB
545 B 53ms
53ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/externalFontFace/nitro-min-noimport-3f30cc7d6709355162cf060dae719ab0-stylesheet.css
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27218b92f081fd6f24b29e35cea015752bd378fded5f03fca91286946e06e7b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:46 GMT
server: cloudflare
etag: W/"65c02a56-479"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391e7f484534-TXL
alt-svc: h3=":443"; ma=86400

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame 9EBE 14 KB
6 KB 603ms
602ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=raisedonors.com&t=xo&v=5.0.422&source=payments_sdk&client_id=AU4mTEyH00JLVq0539shoRwLomT6d2fUy3YcX1YK_8voDMI6_G-JzMWrcbzrjtFK2l17aHobVJMxWzPB&comp=buttons,marks,funding-eligibility&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AU4mTEyH00JLVq0539shoRwLomT6d2fUy3YcX1YK_8voDMI6_G-JzMWrcbzrjtFK2l17aHobVJMxWzPB&currency=USD&intent=authorize&components=buttons,marks,funding-eligibility&enable-funding=venmo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5cd875586dd9c174536652e39c58366c1f2afef7890952938836f6b5efbfb9ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-htV5XLy+3sVAjHu7AQ7uUc582J0iDxeHFS69wU1QkXt4btwO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-htV5XLy+3sVAjHu7AQ7uUc582J0iDxeHFS69wU1QkXt4btwO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
paypal-debug-id: f353940951b80
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4806
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230091-FRA, cache-fra-eddf8230091-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f353940951b80-889642785299a6a9-01
x-timer: S1707703071.562134,VS0,VE574
etag: W/"369d-2jSdaiV3IRBqSnT0KPTz6/PH6Is"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 9EBE 493 KB
197 KB 147ms
47ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfLxlshAAAAAIrT1UFURK-Th2YG8F7JEuKq3OpM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://raisedonors.com/
Origin: https://raisedonors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 17:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 17:00:14 GMT

GET
H3 200 secure-icon-3-dark.svg
raisedonors.com/img/ Frame 9EBE 5 KB
2 KB 477ms
476ms Image
image/svg+xml 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisedonors.com/img/secure-icon-3-dark.svg

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/css/donation/master.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba27f21a0eb6f275c2bfd3922f40a7875682865c7a9d661983dd0a17921dce01

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/css/donation/master.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 03 Dec 2019 16:59:20 GMT
server: cloudflare
etag: W/"d23dd11fba9d51:0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391f088758d8-TXL
expires: Mon, 12 Feb 2024 02:27:51 GMT

GET
H3 200 pp-venmo.svg
raisedonors.com/img/payment/ Frame 9EBE 5 KB
3 KB 153ms
153ms Image
image/svg+xml 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisedonors.com/img/payment/pp-venmo.svg

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/css/donation/master.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456a31c4288a270285fc58458798d16a89458b49a517fdf31c1d77fd89667632

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/css/donation/master.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 Dec 2021 18:06:21 GMT
server: cloudflare
etag: W/"1d9623a3f0edd71:0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 8541391f088858d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
DATA 200
OK truncated
/ Frame 9EBE 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 9EBE 19 KB
20 KB 162ms
46ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://raisedonors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:32:46 GMT
x-content-type-options: nosniff
age: 188704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 21:32:46 GMT

GET
H3 200 fontawesome-webfont.woff2
raisedonors.com/fonts/fontawesome/ Frame 9EBE 70 KB
71 KB 152ms
152ms Font
application/font-woff2 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
Origin: https://raisedonors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 71760
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 03 Dec 2019 16:54:19 GMT
server: cloudflare
etag: "c7f7474efaa9d51:0"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
accept-ranges: bytes
cf-ray: 8541391f188d58d8-TXL
expires: Mon, 12 Feb 2024 02:27:50 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 9EBE 20 KB
20 KB 190ms
74ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://raisedonors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:12:40 GMT
x-content-type-options: nosniff
age: 467110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 16:12:40 GMT

GET
BLOB 200
OK 7ce8dc82-50b0-4526-9835-6491cd86b0a4 Show response
https://aul.org/ Frame 83D6 345 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/7ce8dc82-50b0-4526-9835-6491cd86b0a4
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7dae77bc6dd7a646f60d9f8341c4180834c91e93afe860471e18aa58b38a036

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 345
Content-Type: text/javascript

GET
BLOB 200
OK 244b0781-c667-49cd-a97e-64c482ff9bab Show response
https://aul.org/ Frame 83D6 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/244b0781-c667-49cd-a97e-64c482ff9bab
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df67a4dc5c686052427d1de8e371218a5988fa47d9771280a6734aa5add1e86c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 3295
Content-Type: text/javascript

GET
H3 200 nitro-min-jquery.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame 83D6 82 KB
30 KB 69ms
69ms Script
text/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/ajax.googleapis.com/ajax/libs/jquery/2.1.3/nitro-min-jquery.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-149eb"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58094534-TXL
link: <https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 17a76a73-2416-4ef2-8698-f074a4ece5b8 Show response
https://aul.org/ Frame 83D6 439 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/17a76a73-2416-4ef2-8698-f074a4ece5b8
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52501bf1dac2e548211e7bc853d468c59188c132930259775f22aeb3d24adf70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 439
Content-Type: text/javascript

GET
H3 200 nitro-min-tpbr_front.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/top-bar/js/ Frame 83D6 5 KB
2 KB 73ms
72ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/top-bar/js/nitro-min-tpbr_front.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859a548b863dd42958a781bf8782e0867d3a8fc29168cc402b2e5a4d6df9e547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-139c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f580a4534-TXL
link: <https://aul.org/wp-content/plugins/top-bar/js/tpbr_front.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-analytics-talk-content-tracking.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/duracelltomi-google-tag-manager/js/ Frame 83D6 2 KB
894 B 73ms
73ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/duracelltomi-google-tag-manager/js/nitro-min-analytics-talk-content-tracking.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870487091507c35dc307e611668912d4aa11a67c5fdfee12adb8e47f7f50888c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-81f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f580b4534-TXL
link: <https://aul.org/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 56ba59c1-0b68-40e2-98dd-ce8a50d5ca31 Show response
https://aul.org/ Frame 83D6 397 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/56ba59c1-0b68-40e2-98dd-ce8a50d5ca31
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85ac95feffe5abad7ac4eb34658df85b1e1c51ae381ed1c01edc02747b75b2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 397
Content-Type: text/javascript

GET
BLOB 200
OK 2058f38b-5772-4650-8972-7536a6ca3bac Show response
https://aul.org/ Frame 83D6 150 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/2058f38b-5772-4650-8972-7536a6ca3bac
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c899038c8e2905f25adf7b9ea7a570c55e14364559627a57430a7aa070774a55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 150
Content-Type: text/javascript

GET
BLOB 200
OK 978f24cc-aa97-4a2a-8a42-d87e17619819 Show response
https://aul.org/ Frame 83D6 340 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/978f24cc-aa97-4a2a-8a42-d87e17619819
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b4dcfb0dc16f4862c772a5d80c1d79731317b1a123969647443c9a49d3a0c3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 340
Content-Type: text/javascript

GET
BLOB 200
OK 82037894-efab-4b35-926a-ea5ba81b98df Show response
https://aul.org/ Frame 83D6 352 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/82037894-efab-4b35-926a-ea5ba81b98df
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c45b6018532733b4221ea6cb262260f70f91feaa19a20185f5ca042dedb5308

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 352
Content-Type: text/javascript

GET
BLOB 200
OK 374ca549-0717-4964-b3ee-91139f8da750 Show response
https://aul.org/ Frame 83D6 445 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/374ca549-0717-4964-b3ee-91139f8da750
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f230f66d85876bf17c138ebf7e5c3071a28e41455b63f4756f59d23137e1eee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 445
Content-Type: text/javascript

GET
H3 200 nitro-min-iframeSizer-referenced-by-iframe.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/raisedonors.com/js/donation/ Frame 83D6 12 KB
5 KB 50ms
50ms Script
application/x-javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/raisedonors.com/js/donation/nitro-min-iframeSizer-referenced-by-iframe.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b9e87f54d064e14546fa427e05092a9587f43cf28635331dfc040d506224b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 05:08:34 GMT
server: cloudflare
etag: W/"65c06d52-2ee5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f580d4534-TXL
link: <https://raisedonors.com/js/donation/iframeSizer-referenced-by-iframe.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 53df9df1-fa7c-4b97-b670-33b6987d1f61 Show response
https://aul.org/ Frame 83D6 35 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/53df9df1-fa7c-4b97-b670-33b6987d1f61
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb35d54ecd5bfd50db4bfa50b634994e895c399bed2048c66f85669c4b7c0b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 35
Content-Type: text/javascript

GET
BLOB 200
OK d37b1d90-0db7-4a8d-8f5b-23f38c08e9a5 Show response
https://aul.org/ Frame 83D6 609 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/d37b1d90-0db7-4a8d-8f5b-23f38c08e9a5
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc56184857ba81ffbc277a043d22686cf1b2fc6cff53be84e92ee4915c242e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 609
Content-Type: text/javascript

GET
H3 200 nitro-min-f8b349144decfc2366c82c13bf74919d.videopress-iframe.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/v0.wordpress.com/js/next/ Frame 83D6 5 KB
2 KB 51ms
51ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/v0.wordpress.com/js/next/nitro-min-f8b349144decfc2366c82c13bf74919d.videopress-iframe.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43408b83c4204c88df63426b6208c663b9fb4eb0c971eec1d039a2a0f577b0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 01:23:47 GMT
server: cloudflare
etag: W/"65c038a3-12b9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f580e4534-TXL
link: <https://v0.wordpress.com/js/next/videopress-iframe.js?m=1674852142>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK d973df91-952b-46c1-a1c0-0135f39a3b7d Show response
https://aul.org/ Frame 83D6 354 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/d973df91-952b-46c1-a1c0-0135f39a3b7d
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 324bb616ac703488037fe267d3be4a9c9e06ab38861d8b0574689b5b5c006f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 354
Content-Type: text/javascript

GET
H3 200 nitro-min-wp-polyfill-inert.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/ Frame 83D6 8 KB
3 KB 52ms
52ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/nitro-min-wp-polyfill-inert.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-207b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f580f4534-TXL
link: <https://c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-regenerator-runtime.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/ Frame 83D6 6 KB
3 KB 56ms
56ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/nitro-min-regenerator-runtime.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1a73"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58104534-TXL
link: <https://c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-wp-polyfill.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/ Frame 83D6 112 KB
36 KB 64ms
64ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/nitro-min-wp-polyfill.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1c241"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58114534-TXL
link: <https://c0.wp.com/c/6.4.3/wp-includes/js/dist/vendor/wp-polyfill.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-frontend.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/sensei-lms/assets/dist/blocks/ Frame 83D6 3 KB
1 KB 47ms
47ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/sensei-lms/assets/dist/blocks/nitro-min-frontend.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f7cc62e8e2a2ec85badc0b8af1af5403de08418d49e067b79f95d5c97bd220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-b6d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58124534-TXL
link: <https://aul.org/wp-content/plugins/sensei-lms/assets/dist/blocks/frontend.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-coblocks-animation.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/coblocks/dist/js/ Frame 83D6 412 B
484 B 57ms
57ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/coblocks/dist/js/nitro-min-coblocks-animation.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-228"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58144534-TXL
link: <https://aul.org/wp-content/plugins/coblocks/dist/js/coblocks-animation.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-tiny-swiper.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/coblocks/dist/js/vendors/ Frame 83D6 10 KB
4 KB 58ms
57ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/coblocks/dist/js/vendors/nitro-min-tiny-swiper.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1882608f84e795b684548d2f468653fd68c50b3a8dbb3b63a28537112222a208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-2998"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58154534-TXL
link: <https://aul.org/wp-content/plugins/coblocks/dist/js/vendors/tiny-swiper.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK afb4953e-9685-4f0e-b38f-98f23d7bd2d8 Show response
https://aul.org/ Frame 83D6 164 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/afb4953e-9685-4f0e-b38f-98f23d7bd2d8
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20cdaa9fafe6e52e0ae2f7edf5657307d6a138e355a7396b9c6d5ebf00e7ea2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 164
Content-Type: text/javascript

GET
H3 200 nitro-min-coblocks-tinyswiper-initializer.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/coblocks/dist/js/ Frame 83D6 14 KB
6 KB 58ms
58ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/coblocks/dist/js/nitro-min-coblocks-tinyswiper-initializer.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8c00f9c709b002856df234b920785bd69ba089627ab5197b65e4bea07fafe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-38fb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58164534-TXL
link: <https://aul.org/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-dismiss.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/genesis-blocks/dist/assets/js/ Frame 83D6 521 B
511 B 53ms
52ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/genesis-blocks/dist/assets/js/nitro-min-dismiss.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55fd69d07d9c588869307dfa2b0a4fafa16c85b99e5e66c7963d57348b19126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-297"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58174534-TXL
link: <https://aul.org/wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-bootstrap.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/ Frame 83D6 35 KB
10 KB 72ms
72ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/nitro-min-bootstrap.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-8afc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58184534-TXL
link: <https://aul.org/wp-content/themes/aul2022/js/bootstrap.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-fastclick.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/ Frame 83D6 8 KB
3 KB 62ms
62ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/nitro-min-fastclick.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9cd5ebdee571591bf7af5cf6cf5d0d1ad5289f06a39be3e7cf426e2796f62f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1efa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f581a4534-TXL
link: <https://aul.org/wp-content/themes/aul2022/js/fastclick.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-smoothScroll.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/ Frame 83D6 11 KB
4 KB 59ms
59ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/nitro-min-smoothScroll.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e4dc2c2a3b780c1c7e4a598d1b27e937f990e09f7dc4ea7f38f52dcacf7767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-2c6a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f581c4534-TXL
link: <https://aul.org/wp-content/themes/aul2022/js/smoothScroll.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-css3-animate-it.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/ Frame 83D6 3 KB
1 KB 73ms
73ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/nitro-min-css3-animate-it.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef94527ba375b4c6d9ed7ca05c655a46f13e112df8d032d81d8b6895ee5137d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-df4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f581d4534-TXL
link: <https://aul.org/wp-content/themes/aul2022/js/css3-animate-it.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-animsition.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/ Frame 83D6 5 KB
2 KB 61ms
61ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/nitro-min-animsition.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f32da6bf81134c664b32582076b8260b3b614d508d5c651d0907b581df2a9323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1670"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f581e4534-TXL
link: <https://aul.org/wp-content/themes/aul2022/js/animsition.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-jquery.fitvids.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/ Frame 83D6 2 KB
970 B 54ms
54ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/nitro-min-jquery.fitvids.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1480dde465c92981da40ccf7258d0c58c707be591589060515d5cbf36c5d86d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-797"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f581f4534-TXL
link: <https://aul.org/wp-content/themes/aul2022/js/jquery.fitvids.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-lazyload.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/ Frame 83D6 5 KB
2 KB 74ms
74ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/nitro-min-lazyload.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df50ad40e7a4372ad40371b063628eee9ef379debecfb6c1cf8f51d7d97d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1604"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58204534-TXL
link: <https://aul.org/wp-content/themes/aul2022/js/lazyload.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-4e449798a3eeaccd59bdfc5074a18cb3.jquery.site.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/ Frame 83D6 4 KB
2 KB 53ms
53ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/themes/aul2022/js/nitro-min-4e449798a3eeaccd59bdfc5074a18cb3.jquery.site.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12b2bda65973e805ad713e77fac20f5a9589c7da0b43a09e01b4ab496735935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1199"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58214534-TXL
link: <https://aul.org/wp-content/themes/aul2022/js/jquery.site.js?ver=1.3>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 8cefab8e-9531-4da7-af23-bf2486a81c22 Show response
https://aul.org/ Frame 83D6 306 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/8cefab8e-9531-4da7-af23-bf2486a81c22
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf27313110241ec86252f234452ff739c7a9ff9622b94396be1f6b58dff62be4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 306
Content-Type: text/javascript

GET
BLOB 200
OK fd15f163-fc81-4627-b381-269432f468fd Show response
https://aul.org/ Frame 83D6 436 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/fd15f163-fc81-4627-b381-269432f468fd
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 358cf27d0edfb059ee395e889adffcd4aee6e67d4a77cb21af50cce586eaf90c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 436
Content-Type: text/javascript

GET
BLOB 200
OK 438a2dfd-3ed8-4bb2-bac6-43fe4666a11a Show response
https://aul.org/ Frame 83D6 273 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/438a2dfd-3ed8-4bb2-bac6-43fe4666a11a
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 315ff4e09430a63587b8ff2e41410cfeb048adc3654bbd51d057bdc3a49b6338

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 273
Content-Type: text/javascript

GET
H3 200 nitro-min-token-bridge.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/ Frame 83D6 10 KB
4 KB 59ms
59ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/nitro-min-token-bridge.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3696ef852f018e3b130f41487d1e664cb1843d9c34917a7e1ef2b52742caf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:45:35 GMT
server: cloudflare
etag: W/"65c02faf-2840"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58224534-TXL
link: <https://aul.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/token-bridge.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-videopress-iframe-api.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/s0.wp.com/wp-content/plugins/video/assets/js/videojs/ Frame 83D6 11 KB
3 KB 74ms
74ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/s0.wp.com/wp-content/plugins/video/assets/js/videojs/nitro-min-videopress-iframe-api.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c6c068ba3bc54d10f8946a1da59baca4cd3ba45784bc96687223ad3034d5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 01:23:47 GMT
server: cloudflare
etag: W/"65c038a3-2acb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58244534-TXL
link: <https://s0.wp.com/wp-content/plugins/video/assets/js/videojs/videopress-iframe-api.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 0745848e-9ddc-4eb0-8819-747f6bf8f32e Show response
https://aul.org/ Frame 83D6 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/0745848e-9ddc-4eb0-8819-747f6bf8f32e
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e629e8296771153d957e62b6a2e962a6818f5d3b6681f5a4bcc5722f20134311

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 1485
Content-Type: text/javascript

GET
H3 200 nitro-min-jetpack-carousel.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/jetpack/_inc/build/carousel/ Frame 83D6 23 KB
8 KB 75ms
75ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/jetpack/_inc/build/carousel/nitro-min-jetpack-carousel.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e324493b6a145a004d03c0548370be06c879ef95e8072ff8247d0964b26499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:41 GMT
server: cloudflare
etag: W/"65c02a51-5e04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58264534-TXL
link: <https://aul.org/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-1e764cd962e3300288486591a5daba1d.bilmur.min.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/s0.wp.com/wp-content/js/ Frame 83D6 6 KB
3 KB 63ms
63ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/s0.wp.com/wp-content/js/nitro-min-1e764cd962e3300288486591a5daba1d.bilmur.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1694"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58284534-TXL
link: <https://s0.wp.com/wp-content/js/bilmur.min.js?m=202406>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-e-202406.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/stats.wp.com/ Frame 83D6 7 KB
3 KB 76ms
76ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/stats.wp.com/nitro-min-e-202406.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-1d04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f58294534-TXL
link: <https://stats.wp.com/e-202406.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
H3 200 nitro-min-dropdown.js Show response
cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/gtranslate/js/ Frame 83D6 8 KB
4 KB 77ms
77ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-dmecc.nitrocdn.com/lPBZzUUIDkfAhDxsBRvZOqwnTQDarHRm/assets/static/optimized/rev-1f637fa/aul.org/wp-content/plugins/gtranslate/js/nitro-min-dropdown.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03fedc482089d542893c9fa4054b9a4e71cb3109b9fa3a1e539570609015fd63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 00:22:19 GMT
server: cloudflare
etag: W/"65c02a3b-2130"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 8541391f582a4534-TXL
link: <https://aul.org/wp-content/plugins/gtranslate/js/dropdown.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 5281a109-d481-4b65-bf01-03699a81cab7
https://aul.org/ Frame 83D6 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aul.org/5281a109-d481-4b65-bf01-03699a81cab7
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 virtuous.tracker.shim.min.js Show response
cdn.virtuoussoftware.com/tracker/ Frame 83D6 403 B
706 B 937ms
715ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.virtuoussoftware.com/tracker/virtuous.tracker.shim.min.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 99f616c6d45abe6674604a6cecea1a644bef34e62811b6a947813f5a070a9646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 01:57:51 GMT
last-modified: Tue, 26 Oct 2021 20:56:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 2KPWonGclUvPQiVP4IfnBw==
etag: 0x8D998C311788C0C
content-type: application/javascript
x-ms-request-id: 5eaf209d-e01e-010e-2556-5d4e56000000
cache-control: no-cache, no-store, must-revalidate
x-ms-version: 2009-09-19
content-length: 403

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 83D6 175 KB
63 KB 120ms
116ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-548FGFB

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77eacb73d85e518f2bcd25cad6807b3fe62a1ba7316cbfb302a987924e558335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64017
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 01:57:50 GMT

GET
H2 200 hotjar-3842386.js Show response
static.hotjar.com/c/ Frame 83D6 9 KB
4 KB 151ms
59ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3842386.js?sv=5

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

faafe3e96e65d2a276327814db60cb56cca568cfbd27a8ab73b8edbdb585c550

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/8540dbafa6b4fae118c5616ae2ae2957
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: uxiGnlaR7cruIPCifrBF5I4ZZ4d1Ml7b4ioF3kmdQaWZhYLHY-O5GQ==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 83D6 45 KB
17 KB 148ms
46ms Script
text/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 12 Feb 2024 03:54:57 GMT

GET
H2 200 g.gif
pixel.wp.com/ Frame 83D6 50 B
178 B 84ms
27ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=152807011&post=40347&tz=-5&srv=aul.org&hp=atomic&ac=2&amp=0&j=1%3A13.1-a.9&host=aul.org&ref=https%3A%2F%2Fsecure.wp.co.de%2F&fcp=0&rand=0.09966781768833899
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Feb 2024 01:57:50 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 loading.svg
aul.org/wp-content/themes/aul2022/images/ Frame 83D6 1 KB
737 B 349ms
349ms Image
image/svg+xml 192.0.78.203
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aul.org/wp-content/themes/aul2022/images/loading.svg

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.203 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c71ef4264fb1c3a84f2b1e5ec8d87d852d1d62b1eee97ef3874091cd6cea9798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/give/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Jun 2022 16:51:09 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"62a8bc7d-488"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
expires: Mon, 19 Feb 2024 01:57:50 GMT

GET
H2 200 wp-emoji-release.min.js Show response
aul.org/wp-includes/js/ Frame 83D6 18 KB
5 KB 194ms
194ms Script
application/javascript 192.0.78.203
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://aul.org/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.203 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/give/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
expires: Mon, 19 Feb 2024 01:57:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9EBE 179 KB
65 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-47436227-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZW7V09F20F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfc23481ffba55d85754f61908cba9c583eec7fac83b74b2b58b4678981fe0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66690
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 01:57:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 9EBE 0
253 B 97ms
33ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZW7V09F20F&gtm=45je4270v892869246za200&_p=1707703070546&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=687713120.1707703071&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707703070&sct=1&seg=0&dl=https%3A%2F%2Fraisedonors.com%2Famericansunitedforlife%2Fdonation-page%3Fembed%3Dtrue&dr=https%3A%2F%2Faul.org%2F&dt=Donation%20Page%20%7C%20Americans%20United%20for%20Life&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1738
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZW7V09F20F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 01:57:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://raisedonors.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.8414bbb3c65a3c228a5a.js Show response
script.hotjar.com/ Frame 83D6 218 KB
55 KB 150ms
48ms Script
application/javascript 99.84.88.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8414bbb3c65a3c228a5a.js

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-12.muc50.r.cloudfront.net

Software

Resource Hash

290f298e1bb2bdcb4feccae77ba34dbc0cdccadbbcfa8489d758edb282bd1f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:50:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 37e2872b8b14122ba8fe3a34c3bb506a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 220064
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55350
last-modified: Fri, 09 Feb 2024 12:49:54 GMT
etag: "a7ea8f13d71da1eabb486d86cde54573"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: aPNBrMh8BRq2_JdCIfriu9nTv5uWmENCqD6UUMinRfvx7ghv3Ygosg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 83D6 274 KB
92 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CVGV1YBRNR&l=dataLayer&cx=c

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30060e4904aba669f6b64947e5d9310ffd35b1e0b7518286c4d83c013bc2b949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 01:57:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9EBE 52 KB
21 KB 145ms
46ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47436227-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 582
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 12 Feb 2024 03:48:09 GMT

GET
H2 200 controller-950b9f5e9bda362260a14e88a3ddb032.html Show response
js.stripe.com/v3/ Frame 0DF1 325 B
778 B 28ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5fb200e444385808218be1153a595f5df230b0bc7624a10bd0045e5fe0dab01f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 190
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:51 GMT
etag: "950b9f5e9bda362260a14e88a3ddb032"
last-modified: Fri, 09 Feb 2024 21:04:11 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 047fb4c2-6f65-453f-800f-9f6232eba7f6
x-served-by: cache-fra-eddf8230138-FRA

GET
H3 200 css Show response
fonts.googleapis.com/ Frame 9EBE 6 KB
670 B 149ms
57ms Fetch
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700&display=swap

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://raisedonors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 01:57:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 01:57:51 GMT

GET
H2 200 elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html Show response
js.stripe.com/v3/ Frame ED63 798 B
1 KB 27ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

221a099f1d681d3b9f12ea559f341358e73388c4d93241d396a54f3badf50e9c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 190259
cache-control: max-age=31536000
content-encoding: br
content-length: 361
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:51 GMT
etag: "6f369a615bb526a5aca6d5b29a560fee"
last-modified: Fri, 09 Feb 2024 21:04:11 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4424
x-content-type-options: nosniff
x-request-id: 3229437c-2d1c-4edc-83bf-0d4bd05c8d45
x-served-by: cache-fra-eddf8230138-FRA

GET
H2 200 controller-950b9f5e9bda362260a14e88a3ddb032.html Show response
js.stripe.com/v3/ Frame A401 325 B
265 B 27ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5fb200e444385808218be1153a595f5df230b0bc7624a10bd0045e5fe0dab01f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 190
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:51 GMT
etag: "950b9f5e9bda362260a14e88a3ddb032"
last-modified: Fri, 09 Feb 2024 21:04:11 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: e2c7dbe1-cf1c-4681-bb23-792a2b0a302c
x-served-by: cache-fra-eddf8230138-FRA

GET
H2 200 payment-request-inner-google-pay-6ed0dad2f7bcedfc54af156fdc78405e.html Show response
js.stripe.com/v3/ Frame 0D20 408 B
1 KB 28ms
28ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-6ed0dad2f7bcedfc54af156fdc78405e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

55a74b8700189b6c9e81dbe2d31ccba09f625f13246b35ed61d733146b0ea9d6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 190198
cache-control: max-age=31536000
content-encoding: br
content-length: 223
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:51 GMT
etag: "6ed0dad2f7bcedfc54af156fdc78405e"
last-modified: Fri, 09 Feb 2024 21:04:25 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1543
x-content-type-options: nosniff
x-request-id: 54803b5b-29eb-4d0d-811b-620d50354dbb
x-served-by: cache-fra-eddf8230138-FRA

GET
H2 200 payment-request-inner-browser-dfdedcdd20b87aa34dc351dae57e7bb2.html Show response
js.stripe.com/v3/ Frame 98F8 344 B
1 KB 28ms
28ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-dfdedcdd20b87aa34dc351dae57e7bb2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1eb645a1ca6fcf3170fec1970e9288b3fcc79333f63ae7e69b1eedd9c2e34575

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 201
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:51 GMT
etag: "dfdedcdd20b87aa34dc351dae57e7bb2"
last-modified: Fri, 09 Feb 2024 21:04:25 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 43b84cbf-0feb-4322-b189-318a31277808
x-served-by: cache-fra-eddf8230138-FRA

GET
H2 200 virtuous.tracker.shim.min.js Show response
cdn.virtuoussoftware.com/tracker/ Frame 9EBE 403 B
480 B 716ms
716ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.virtuoussoftware.com/tracker/virtuous.tracker.shim.min.js
Requested by: Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 99f616c6d45abe6674604a6cecea1a644bef34e62811b6a947813f5a070a9646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 01:57:51 GMT
last-modified: Tue, 26 Oct 2021 20:56:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 2KPWonGclUvPQiVP4IfnBw==
etag: 0x8D998C311788C0C
content-type: application/javascript
x-ms-request-id: f49325f4-b01e-0019-7e56-5dc860000000
cache-control: no-cache, no-store, must-revalidate
x-ms-version: 2009-09-19
content-length: 403

GET
H2 200 shared-cee4d876522269239fb4ff7189c2b9f6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0DF1 535 KB
130 KB 27ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

55561348492a1330f7ff4c88e4b01dd64d6e5d641e00cfb612c7fcadafd7ff00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190281
x-cache: HIT
content-length: 132989
x-request-id: 1f38d1a8-cf62-41e9-b3ea-23d9c3eefead
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:23 GMT
server: Fastly
etag: "2b78babeb59406ff5718db97ee0a8cbb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 352

GET
H2 200 controller-a24532a2e02301408b7ed04cd39a6a07.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0DF1 691 KB
181 KB 38ms
38ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a24532a2e02301408b7ed04cd39a6a07.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2487e0c110178dbb2c7c2e78671aeebe08a3dba6fafd7ae681f2c944d44fe07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190281
x-cache: HIT
content-length: 185020
x-request-id: 01bbf311-e46a-45b9-bd2e-3112c5182837
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:21 GMT
server: Fastly
etag: "d1077985fae79dd9de9067a47aba1122"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 325

GET
H2 200 shared-cee4d876522269239fb4ff7189c2b9f6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ED63 535 KB
130 KB 62ms
61ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

55561348492a1330f7ff4c88e4b01dd64d6e5d641e00cfb612c7fcadafd7ff00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190281
x-cache: HIT
content-length: 132989
x-request-id: 20babfa3-b2b9-40c4-a20e-9f8cd590cd6a
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:23 GMT
server: Fastly
etag: "2b78babeb59406ff5718db97ee0a8cbb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 353

GET
H2 200 ui-shared-6011091d6cb0466339e5cdcfcf474e60.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ED63 420 KB
118 KB 61ms
61ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-6011091d6cb0466339e5cdcfcf474e60.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0b904eff99fe4511a7a4eafc8ae8fccc8e15ee0febd01827783c559cbef69514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190273
x-cache: HIT
content-length: 120363
x-request-id: c147d215-4437-4967-b03e-468db56c9a46
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:24 GMT
server: Fastly
etag: "3731df435ba9818ed1a4169c0586b7f0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4802

GET
H2 200 elements-inner-card-4379e483cb149056ba0cdfea417b689b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ED63 55 KB
16 KB 64ms
64ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-4379e483cb149056ba0cdfea417b689b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b3152565ddf9b65353d3900e15e25a820693315d88140a5e49d2acdaa557d0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 200614
x-cache: HIT
content-length: 15635
x-request-id: 29ae8505-525c-482c-aea7-1c2ab8203e93
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 18:11:53 GMT
server: Fastly
etag: "f2ab6e4d9824c383d3f53d9be2ddc79d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3424

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame ED63 20 KB
3 KB 59ms
59ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 2839929
x-cache: HIT
content-length: 3304
x-request-id: 7192f2f1-c3b5-4c1a-8a4e-2836c8d535e8
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Mon, 24 Jul 2023 20:23:04 GMT
server: Fastly
etag: "b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 55818

GET
H2 200 elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css
js.stripe.com/v3/fingerprinted/css/ Frame ED63 14 KB
2 KB 59ms
59ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 200614
x-cache: HIT
content-length: 2260
x-request-id: f5cc1814-f125-4c47-b3de-68f2d7b6ee1b
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 18:11:43 GMT
server: Fastly
etag: "87bf0041cf7ae5e77d770c423e25828a"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3326

GET
H3 200 functions.js Show response
raisedonors.com/js/donation/options/smartystreets/ Frame 9EBE 9 KB
3 KB 473ms
473ms Script
application/x-javascript 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/js/donation/options/smartystreets/functions.js

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55a3571ea06801a47858d2b5a72acf068af7787536d37e2528324f8ff82108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://raisedonors.com/js/donation/options/smartystreets/autocomplete.min.js
Origin: https://raisedonors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=16422
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
request-context: appId=cid-v1:9c174d1d-77a4-4725-b5b9-dd1a1992cad0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 16 Sep 2022 23:10:41 GMT
server: cloudflare
etag: W/"b5d2538a21cad81:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1800
feature-policy: geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment *;
cf-ray: 854139228ae758d8-TXL
expires: Mon, 12 Feb 2024 02:27:51 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 0DF1 0
715 B 845ms
426ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071829719
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829201
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame ED63 0
716 B 844ms
426ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071830399
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829653
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame ED63 0
716 B 826ms
408ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071829784
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829307
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 9EBE 2 B
206 B 54ms
54ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1011312792&t=pageview&_s=1&dl=https%3A%2F%2Fraisedonors.com%2Famericansunitedforlife%2Fdonation-page%3Fembed%3Dtrue&dr=https%3A%2F%2Faul.org%2F&ul=en-us&de=UTF-8&dt=Donation%20Page%20%7C%20Americans%20United%20for%20Life&sd=24-bit&sr=1600x1200&vp=800x2087&je=0&_u=YADAAUABAAAAACAAIC~&jid=2084022977&gjid=561460674&cid=687713120.1707703071&tid=UA-47436227-1&_gid=605312725.1707703071&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=80029081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 01:57:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://raisedonors.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
aul.org/2024/01/11/john-mize-appointed-ceo-of-americans-united-for-life/ Frame 83D6 0
45 KB 383ms
383ms Other
text/html 192.0.78.203
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://aul.org/2024/01/11/john-mize-appointed-ceo-of-americans-united-for-life/

Requested by

Host: aul.org
URL: https://aul.org/give/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.78.203 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/give/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-nitro-cache-from: plugin
x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=31536000
x-nananana: Batcache-Set
content-encoding: br
x-ac: 2.hhn _atomic_ams BYPASS
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 01:57:51 GMT
server: nginx
vary: Accept-Encoding, Cookie, user-agent
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-nitro-cache: HIT
x-nitro-rev: 1f637fa
link: <https://cdn-dmecc.nitrocdn.com>; rel=preconnect, <https://aul.org/wp-json/>; rel="https://api.w.org/", <https://aul.org/wp-json/wp/v2/posts/59270>; rel="alternate"; type="application/json", <https://wp.me/pala5d-fpY>; rel=shortlink
x-cache-ctime: 1707104655

GET
H2 200 shared-cee4d876522269239fb4ff7189c2b9f6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A401 535 KB
130 KB 46ms
45ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

55561348492a1330f7ff4c88e4b01dd64d6e5d641e00cfb612c7fcadafd7ff00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190281
x-cache: HIT
content-length: 132989
x-request-id: e46718ff-5523-4ca9-859b-089362059fac
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:23 GMT
server: Fastly
etag: "2b78babeb59406ff5718db97ee0a8cbb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 354

GET
H2 200 controller-a24532a2e02301408b7ed04cd39a6a07.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A401 691 KB
181 KB 46ms
45ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a24532a2e02301408b7ed04cd39a6a07.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2487e0c110178dbb2c7c2e78671aeebe08a3dba6fafd7ae681f2c944d44fe07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190281
x-cache: HIT
content-length: 185020
x-request-id: 484665d7-8075-445c-b82a-99cfa199ccfc
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:21 GMT
server: Fastly
etag: "d1077985fae79dd9de9067a47aba1122"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 326

POST
H2 200 csp-report
q.stripe.com/ Frame A401 0
715 B 803ms
405ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071830034
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829310
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 0D20 117 KB
36 KB 181ms
82ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6ed0dad2f7bcedfc54af156fdc78405e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52fb7e9057452b20c007eb6591bd75bcd68128125365b1dcbd98819c75766068

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PWZqEuB8rujh62FNtgTu-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PWZqEuB8rujh62FNtgTu-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmJw15BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ3VKn8EaBMQ-9TNYY4BYiIdj_rel69gEPrz_3M4IAODtN8g"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 12 Feb 2024 01:57:51 GMT

GET
H2 200 shared-cee4d876522269239fb4ff7189c2b9f6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0D20 535 KB
130 KB 44ms
44ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6ed0dad2f7bcedfc54af156fdc78405e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

55561348492a1330f7ff4c88e4b01dd64d6e5d641e00cfb612c7fcadafd7ff00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-6ed0dad2f7bcedfc54af156fdc78405e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190281
x-cache: HIT
content-length: 132989
x-request-id: 463878f7-0d80-48c7-988a-96340d9915c3
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:23 GMT
server: Fastly
etag: "2b78babeb59406ff5718db97ee0a8cbb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 355

GET
H2 200 payment-request-inner-google-pay-55926d87f8538450887ab383061d3425.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0D20 12 KB
5 KB 27ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-55926d87f8538450887ab383061d3425.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6ed0dad2f7bcedfc54af156fdc78405e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f8e37527996d0530694a2a8ddf6afdcf28cc8a05e50ce3ce9d3f2f743b04659f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-6ed0dad2f7bcedfc54af156fdc78405e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 200617
x-cache: HIT
content-length: 5079
x-request-id: 510c08f5-050e-4c66-9f87-612fb26972dc
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 18:11:55 GMT
server: Fastly
etag: "c9c83657cf777673149a15b5cf68258f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1644

GET
H2 200 shared-cee4d876522269239fb4ff7189c2b9f6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 98F8 535 KB
130 KB 44ms
43ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dfdedcdd20b87aa34dc351dae57e7bb2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

55561348492a1330f7ff4c88e4b01dd64d6e5d641e00cfb612c7fcadafd7ff00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dfdedcdd20b87aa34dc351dae57e7bb2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190281
x-cache: HIT
content-length: 132989
x-request-id: e681d8d6-d57a-41e1-987e-53903d6c4338
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:23 GMT
server: Fastly
etag: "2b78babeb59406ff5718db97ee0a8cbb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 356

GET
H2 200 payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 98F8 13 KB
6 KB 44ms
44ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-dfdedcdd20b87aa34dc351dae57e7bb2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-dfdedcdd20b87aa34dc351dae57e7bb2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 200617
x-cache: HIT
content-length: 5631
x-request-id: e0a7d480-f326-47d1-ac5b-d2e7f862dbc5
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 18:11:55 GMT
server: Fastly
etag: "32dba56f50e599b5cc53a055305f8c45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3360

POST
H2 200 csp-report
q.stripe.com/ Frame 0D20 0
716 B 807ms
412ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071830294
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829673
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0D20 0
716 B 822ms
427ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071830133
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829323
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 98F8 0
716 B 795ms
400ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071829665
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829190
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 98F8 0
716 B 795ms
401ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071830067
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829244
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ Frame 9EBE 55 KB
17 KB 142ms
35ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=raisedonors.com&t=xo&v=5.0.422&source=payments_sdk&client_id=AU4mTEyH00JLVq0539shoRwLomT6d2fUy3YcX1YK_8voDMI6_G-JzMWrcbzrjtFK2l17aHobVJMxWzPB&comp=buttons,marks,funding-eligibility&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F6AB) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 98ccbddd1eb1a
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (ska/F6AB)
traceparent: 00-000000000000000000098ccbddd1eb1a-2acdc3a6e46a5785-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 12 Feb 2024 02:57:51 GMT

GET
H2 200 ts
t.paypal.com/ Frame 9EBE 42 B
511 B 254ms
170ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AQJSZBUDDE36CJ-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AQJSZBUDDE36CJ-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3c6ec446-d33d-4f20-8e5b-4e839a567e7a&fltp=analytics&mrid=QJSZBUDDE36CJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Page%20%7C%20Americans%20United%20for%20Life&dh=1200&dw=1600&bh=2087&bw=800&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707703071154&g=-60&completeurl=https%3A%2F%2Fraisedonors.com%2Famericansunitedforlife%2Fdonation-page%3Fembed%3Dtrue&ru=https%3A%2F%2Faul.org%2F&disableSetCookie=true

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 61c99e0413b78
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230110-FRA
pragma: no-cache
correlation-id: 61c99e0413b78
traceparent: 00-000000000000000000061c99e0413b78-bd1acf27550115d6-01
x-timer: S1707703071.250966,VS0,VE143
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2024 01:57:51 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 9EBE 1 B
345 B 104ms
34ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-47436227-1&cid=687713120.1707703071&jid=2084022977&gjid=561460674&_gid=605312725.1707703071&_u=YADAAUAAAAAAACAAIC~&z=1392789788

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Feb 2024 01:57:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://raisedonors.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 0DF1 474 B
612 B 84ms
28ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9b24c874778fcf957840190bdbee891232fa9b5b24e123ec5dff9d07bddd9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 112
x-cache: HIT
content-length: 298
x-request-id: c061579f-9e9e-4df9-b093-f7bdb7a4a891
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Fri, 09 Feb 2024 21:38:10 GMT
server: Fastly
etag: "34cc1e1074c48af86b5b1e1a99c47217"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 0DF1 474 B
369 B 77ms
28ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9b24c874778fcf957840190bdbee891232fa9b5b24e123ec5dff9d07bddd9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 112
x-cache: HIT
content-length: 298
x-request-id: 8f111043-8360-4751-97b4-3cda66581f48
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Fri, 09 Feb 2024 21:38:10 GMT
server: Fastly
etag: "34cc1e1074c48af86b5b1e1a99c47217"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame ED63 474 B
375 B 52ms
29ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9b24c874778fcf957840190bdbee891232fa9b5b24e123ec5dff9d07bddd9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 51
x-cache: HIT
content-length: 298
x-request-id: 0a459a6a-e26e-4cef-a81b-9999a4a34410
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Fri, 09 Feb 2024 21:38:10 GMT
server: Fastly
etag: "34cc1e1074c48af86b5b1e1a99c47217"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A401 474 B
372 B 28ms
27ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9b24c874778fcf957840190bdbee891232fa9b5b24e123ec5dff9d07bddd9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 51
x-cache: HIT
content-length: 298
x-request-id: 4f0faefa-6ed1-48a3-8146-a9ace6c6681e
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Fri, 09 Feb 2024 21:38:10 GMT
server: Fastly
etag: "34cc1e1074c48af86b5b1e1a99c47217"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A401 474 B
372 B 27ms
27ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9b24c874778fcf957840190bdbee891232fa9b5b24e123ec5dff9d07bddd9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-950b9f5e9bda362260a14e88a3ddb032.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 51
x-cache: HIT
content-length: 298
x-request-id: 105c75a0-679a-4805-9189-2828c58a0850
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Fri, 09 Feb 2024 21:38:10 GMT
server: Fastly
etag: "34cc1e1074c48af86b5b1e1a99c47217"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame A401 2 KB
3 KB 388ms
292ms Fetch
application/json 198.202.176.201

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.201 , United States, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

18c157eb0fcde84810fd735db288a79674a0f1aa82186c54a34d760e6cb837b9

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2434
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 0DF1 2 KB
3 KB 383ms
288ms Fetch
application/json 198.202.176.201

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.201 , United States, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

6d8d82ff2386240ee74a5d7c2982e37ff869ffb1f04bb91da5583610305439ff

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2434
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame ED63 474 B
372 B 28ms
28ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9b24c874778fcf957840190bdbee891232fa9b5b24e123ec5dff9d07bddd9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-6f369a615bb526a5aca6d5b29a560fee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 51
x-cache: HIT
content-length: 298
x-request-id: f6bb9af8-0389-4178-8a32-dc01f856a9df
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Fri, 09 Feb 2024 21:38:10 GMT
server: Fastly
etag: "34cc1e1074c48af86b5b1e1a99c47217"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

POST b
r.stripe.com/ Frame 0DF1 0
0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 746C 55 KB
17 KB 35ms
35ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F764) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Mon, 12 Feb 2024 01:57:51 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Mon, 12 Feb 2024 02:57:51 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 0053cbf158665
server: ECAcc (ska/F764)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000000053cbf158665-cd36a741019155bc-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

POST b
r.stripe.com/ Frame A401 0
0

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 746C 18 B
210 B 222ms
222ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7D8C) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: 887faa0dd5290
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7D8C)
traceparent: 00-0000000000000000000887faa0dd5290-f2f3ee97aa762896-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 12 Feb 2024 01:57:50 GMT

GET
H2 200 ts
t.paypal.com/ Frame 9EBE 42 B
168 B 185ms
185ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AQJSZBUDDE36CJ-1&page=muse%3Aoffer%3A%3A%3AQJSZBUDDE36CJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3c6ec446-d33d-4f20-8e5b-4e839a567e7a&es=visitorInfoFlowStarted&mrid=QJSZBUDDE36CJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Page%20%7C%20Americans%20United%20for%20Life&dh=1200&dw=1600&bh=2087&bw=800&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707703071370&g=-60&completeurl=https%3A%2F%2Fraisedonors.com%2Famericansunitedforlife%2Fdonation-page%3Fembed%3Dtrue&disableSetCookie=true

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 43938a9d7056d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230110-FRA
pragma: no-cache
correlation-id: 43938a9d7056d
traceparent: 00-000000000000000000043938a9d7056d-f4aeab0948aa124d-01
x-timer: S1707703071.382834,VS0,VE157
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2024 01:57:51 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 4119 19 KB
8 KB 100ms
99ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6af89a1437c3952e599cf3d9cd7ccb26c2d8bdabf267b15a16b5a3b4ff924308

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RnURFXgLLz2nH-26LWpmLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RnURFXgLLz2nH-26LWpmLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 12 Feb 2024 01:57:51 GMT
expires: Mon, 12 Feb 2024 01:57:51 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmJw15BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ3VKn8EaBMQ-9TNYY4BYiIdj_rel69gEHnR9Ps8IAN-ZN5s"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 4119 157 KB
56 KB 140ms
46ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhp8O7TtQyhKlEAMOHJqOdRxZGmWA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72918cdadc2cabf0d405e4c6bca2e9eb69f58e4bd2116122ac1d460d5681a252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56880
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 22:16:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 20:01:44 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 4119 2 KB
2 KB 135ms
134ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: secure.wp.co.de
URL: https://secure.wp.co.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST graphql
www.paypal.com/targeting/ Frame 746C 0
0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 281ms
225ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 12 Feb 2024 01:57:51 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f6046177c18eb
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f6046177c18eb-d94ab80c42c859af-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230111-FRA, cache-fra-eddf8230111-FRA
x-timer: S1707703072.661456,VS0,VE197

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 3C41 200 B
873 B 35ms
34ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5859957
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:51 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 863385
x-content-type-options: nosniff
x-request-id: 25714f8b-311f-41bb-885d-f1edcd3b1f5a
x-served-by: cache-fra-eddf8230138-FRA

GET
H3

200

main.js Show response
raisedonors.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 4A2D
Redirect Chain

https://raisedonors.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://raisedonors.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
3 KB

24ms
23ms

Script
application/javascript

2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raisedonors.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Server

2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6331d236b1d670a4fbecda11171543b2714d340fd9c80996cc2c607077f5ca89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85413925ed1858d8-TXL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 12 Feb 2024 01:57:51 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control: max-age=300, public
cf-ray: 854139258ce658d8-TXL
alt-svc: h3=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5A2A 45 KB
28 KB 74ms
73ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLxlshAAAAAIrT1UFURK-Th2YG8F7JEuKq3OpM&co=aHR0cHM6Ly9yYWlzZWRvbm9ycy5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=nzpw0cqec8td

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6008ce5d8cdfdcb714cc2d2fef5793558015dcd2cf1cfca3fc3b9962d998a545

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V2elh_RV8l0qO48UM4G6OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-V2elh_RV8l0qO48UM4G6OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 01:57:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 buttons
www.paypal.com/smart/ Frame 15F9 246 KB
0 429ms
429ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=pay&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.422&components.0=buttons&components.1=funding-eligibility&components.2=marks&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU0bVRFeUgwMEpMVnEwNTM5c2hvUndMb21UNmQyZlV5M1ljWDFZS184dm9ETUk2X0ctSnpNV3JjYnpyanRGSzJsMTdhSG9iVkpNeFd6UEImY3VycmVuY3k9VVNEJmludGVudD1hdXRob3JpemUmY29tcG9uZW50cz1idXR0b25zLG1hcmtzLGZ1bmRpbmctZWxpZ2liaWxpdHkmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF94a3Vzb2hycGxpdWVpZmppc3lna2l6Znd5dWdoYmcifX0&clientID=AU4mTEyH00JLVq0539shoRwLomT6d2fUy3YcX1YK_8voDMI6_G-JzMWrcbzrjtFK2l17aHobVJMxWzPB&sdkCorrelationID=f520921f20d63&storageID=uid_1ddf930dde_mde6ntc6nte&sessionID=uid_62759c1c85_mde6ntc6nte&buttonSessionID=uid_76d02d41a7_mde6ntc6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=authorize&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&clientMetadataID=uid_62759c1c85_mde6ntc6nte&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:52 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"68044-fPPs0dBb+ZTrFCUDZVFQZwb0Mwo"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f604617f98b2c
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f604617f98b2c-c063997464a32f55-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f604617f98b2c-4096c9d49f0a147e-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230091-FRA, cache-fra-eddf8230091-FRA
x-timer: S1707703072.669142,VS0,VE401
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 85AE 3 KB
1 KB 35ms
35ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: raisedonors.com
URL: https://raisedonors.com/americansunitedforlife/donation-page?embed=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F74B) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (ska/F74B)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 12 Feb 2024 02:57:51 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3C41 526 B
511 B 28ms
28ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 5780977
x-cache: HIT
content-length: 315
x-request-id: 1d0fcb23-3f49-463d-9357-d3d573aad3d4
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 823530

POST
H2 200 csp-report
q.stripe.com/ Frame 3C41 0
716 B 291ms
290ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071830451
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829672
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3C41 0
716 B 291ms
291ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071830686
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071829943
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 virtuous.tracker.js Show response
cdn.virtuoussoftware.com/tracker/v1.2/ Frame 83D6 6 KB
2 KB 35ms
35ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.virtuoussoftware.com/tracker/v1.2/virtuous.tracker.js
Requested by: Host: aul.org
URL: https://aul.org/give/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F6B7) /
Resource Hash: 2236ae164d75453dae024999d870d8567b36843338cf4dc4f6d862621c1c20c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aul.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 20:55:11 GMT
server: ECAcc (ska/F6B7)
content-md5: AHU98dGHyvTO0sHh15j6dg==
age: 415599
etag: 0x8D998C2E6C70546
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-ms-request-id: 4434fbec-501e-007e-288f-597bc7000000
x-ms-version: 2009-09-19
content-length: 1796

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 5A2A 55 KB
24 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLxlshAAAAAIrT1UFURK-Th2YG8F7JEuKq3OpM&co=aHR0cHM6Ly9yYWlzZWRvbm9ycy5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=nzpw0cqec8td

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Feb 2025 20:15:28 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 5A2A 493 KB
196 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 17:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 17:00:14 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.oXt0Mc... Frame 4119 74 KB
27 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.oXt0McP_Wv0.L.B1.O/am=gEEa/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj27D7LPUSvkiC1Td3klR0Fbf464g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhp8O7TtQyhKlEAMOHJqOdRxZGmWA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7e9bcafece9a9f7fab2983d643869dea1e448867fd7f7efb78b2efc0e025c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27736
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 22:50:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 21:14:10 GMT

POST
H3 200 854139164e8058de Show response
raisedonors.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4A2D 0
312 B 42ms
42ms XHR
text/plain 2606:4700::6810:4387
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raisedonors.com/cdn-cgi/challenge-platform/h/b/jsd/r/854139164e8058de
Requested by: Host: raisedonors.com
URL: https://raisedonors.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:4387 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
server: cloudflare
cf-ray: 85413926cda058d8-TXL
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 22AA 930 B
2 KB 139ms
43ms Document
text/html 2600:9000:26da:fe00:19:7d10:bd80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:fe00:19:7d10:bd80:93a1 -, , ASN (),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:35 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 577c189d14f20f4f61c76d2711499f1c.cloudfront.net (CloudFront)
x-amz-cf-id: VTDLyTy5GIijEsLy4yC4pGPcV2gLjWbk81qQp3ifZHuwg0xL8IPXlg==
x-amz-cf-pop: MUC50-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha-invisible-c10b20cb7bb79ba6109867b6ab377961.html Show response
js.stripe.com/v3/ Frame 67F6 71 KB
25 KB 28ms
28ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-c10b20cb7bb79ba6109867b6ab377961.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ac8a417ff2a8f4d10a74e81bfb9f1301cd49d408a68f0bd76ebd4713465b0c98

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-TpHLHMvDbqddNaaAK93LrdOdr+EV/bhgkV7Gd0pO6Y0='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 190266
cache-control: max-age=31536000
content-encoding: br
content-length: 25171
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-TpHLHMvDbqddNaaAK93LrdOdr+EV/bhgkV7Gd0pO6Y0='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:51 GMT
etag: "c10b20cb7bb79ba6109867b6ab377961"
last-modified: Fri, 09 Feb 2024 21:04:24 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4447
x-content-type-options: nosniff
x-request-id: f2154598-598e-4ac0-9fc5-8e68b7770106
x-served-by: cache-fra-eddf8230138-FRA

POST b
r.stripe.com/ Frame 0DF1 0
0

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9EBE 148 KB
40 KB 27ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 4520530
x-cache: HIT
content-length: 40295
x-request-id: bbfa301a-1e12-43c5-a139-de04cb7cb959
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30650

GET
H2 200 elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html Show response
js.stripe.com/v3/ Frame F4C1 78 KB
17 KB 30ms
29ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fada5e875ab12624f35a83d24a3cae00dd7d398d8f614860375beb79670dc26e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://raisedonors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 190235
cache-control: max-age=31536000
content-encoding: br
content-length: 16210
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 01:57:51 GMT
etag: "c55b2d14d97232534f6519036c59f9a4"
last-modified: Fri, 09 Feb 2024 21:04:11 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1413
x-content-type-options: nosniff
x-request-id: e41378df-093b-4f5f-964e-b1d4a7a4749d
x-served-by: cache-fra-eddf8230138-FRA

POST TrackEvent
tpx.virtuoussoftware.com/api/ Frame 83D6 0
0

OPTIONS TrackEvent
tpx.virtuoussoftware.com/api/ Frame 0
0

POST b
r.stripe.com/ Frame A401 0
0

POST
H2 200 csp-report
q.stripe.com/ Frame 67F6 0
716 B 201ms
201ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071944495
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071943973
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F4C1 0
715 B 201ms
201ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071952524
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071952080
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F4C1 0
715 B 203ms
203ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.wp.co.de
URL: https://secure.wp.co.de/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707703071952561
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707703071952032
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-cee4d876522269239fb4ff7189c2b9f6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F4C1 535 KB
130 KB 29ms
28ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-cee4d876522269239fb4ff7189c2b9f6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

55561348492a1330f7ff4c88e4b01dd64d6e5d641e00cfb612c7fcadafd7ff00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 190281
x-cache: HIT
content-length: 132989
x-request-id: dff1d6bc-0d9e-41f1-9f76-204ae55bde12
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 09 Feb 2024 21:04:23 GMT
server: Fastly
etag: "2b78babeb59406ff5718db97ee0a8cbb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 357

GET
H2 200 elements-inner-link-button-for-card-dbb0ce91c8a6ee8978f05b324b2f8f14.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F4C1 24 KB
10 KB 29ms
29ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-dbb0ce91c8a6ee8978f05b324b2f8f14.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

808154b693e6eefcec5d2a01fe413d636d9e4557dfb338e9eaa61092af22dd68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 546696
x-cache: HIT
content-length: 9663
x-request-id: 4ceaecf9-12fe-4214-b323-101bb1fec59e
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Mon, 05 Feb 2024 18:02:58 GMT
server: Fastly
etag: "5b44b5d8fb8c89bd74262c7582b45a95"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3831

GET
H2 200 elements-inner-link-button-for-card-e0892059cc36c5a207d4915b8be6a4f3.css
js.stripe.com/v3/fingerprinted/css/ Frame F4C1 25 KB
4 KB 28ms
27ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-e0892059cc36c5a207d4915b8be6a4f3.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d9b7faa0259f5b0961455f53b4a507fba4bd0ed70dffac0bdaf2f94298c74b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-c55b2d14d97232534f6519036c59f9a4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 01:57:51 GMT
via: 1.1 varnish
age: 804847
x-cache: HIT
content-length: 4362
x-request-id: 932f9f8f-c8f6-4d19-9d57-353a1f43d9ec
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Fri, 02 Feb 2024 18:19:28 GMT
server: Fastly
etag: "ec65bfd4737d216032b538eb56aec1bd"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5757

GET
H3 200 zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js Show response
www.google.com/js/bg/ Frame 5A2A 17 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLxlshAAAAAIrT1UFURK-Th2YG8F7JEuKq3OpM&co=aHR0cHM6Ly9yYWlzZWRvbm9ycy5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=nzpw0cqec8td
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:02:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 219293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6922
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 13:02:58 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5A2A 2 KB
2 KB 46ms
46ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 08:42:23 GMT
x-content-type-options: nosniff
age: 148528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 17 Feb 2024 08:42:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5A2A 15 KB
15 KB 56ms
56ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:00:18 GMT
x-content-type-options: nosniff
age: 190653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 21:00:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5A2A 15 KB
15 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 492517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:09:14 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 67F6 474 B
372 B 27ms
27ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-c10b20cb7bb79ba6109867b6ab377961.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9b24c874778fcf957840190bdbee891232fa9b5b24e123ec5dff9d07bddd9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-c10b20cb7bb79ba6109867b6ab377961.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 52
x-cache: HIT
content-length: 298
x-request-id: 125ec70d-3e13-4777-ad07-921f8a3424b2
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Fri, 09 Feb 2024 21:38:10 GMT
server: Fastly
etag: "34cc1e1074c48af86b5b1e1a99c47217"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET HCaptchaInvisible.html
b.stripecdn.com/stripethirdparty-srv/assets/v20.10/ Frame 5A58 0
0

GET
H2 200 virtuous.tracker.js Show response
cdn.virtuoussoftware.com/tracker/v1.2/ Frame 9EBE 6 KB
2 KB 33ms
33ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.virtuoussoftware.com/tracker/v1.2/virtuous.tracker.js
Requested by: Host: cdn.virtuoussoftware.com
URL: https://cdn.virtuoussoftware.com/tracker/virtuous.tracker.shim.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F6B7) /
Resource Hash: 2236ae164d75453dae024999d870d8567b36843338cf4dc4f6d862621c1c20c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://raisedonors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 20:55:11 GMT
server: ECAcc (ska/F6B7)
content-md5: AHU98dGHyvTO0sHh15j6dg==
age: 415599
etag: 0x8D998C2E6C70546
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-ms-request-id: 4434fbec-501e-007e-288f-597bc7000000
x-ms-version: 2009-09-19
content-length: 1796

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 4119 1 MB
377 KB 87ms
87ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cded24859e08df69816c081b30fa2a3d264d1fbfaa133418b6834b4e04d0c742

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-EJL94RS7QPLBkX9xsAKv-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-EJL94RS7QPLBkX9xsAKv-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmJw15BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ3VKn8EaBMQ-9TNYY4BYiIdj_rel69gEVsxffJgZAN3PNx4"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 12 Feb 2024 01:57:51 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5A2A 102 B
135 B 56ms
56ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLxlshAAAAAIrT1UFURK-Th2YG8F7JEuKq3OpM&co=aHR0cHM6Ly9yYWlzZWRvbm9ycy5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=nzpw0cqec8td
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 12 Feb 2024 01:57:51 GMT

POST
H3 204 jserror Show response
pay.google.com/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 4119 0
27 B 107ms
107ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/jserror?script=https%3A%2F%2Fpay.google.com%2Fgp%2Fp%2Fui%2Fpayframe%3Forigin%3Dhttps%253A%252F%252Fjs.stripe.com%26mid%3D&error=Failed%20to%20construct%20%27PaymentRequest%27%3A%20Must%20be%20in%20a%20top-level%20browsing%20context%20or%20an%20iframe%20needs%20to%20specify%20allow%3D%22payment%22%20explicitly&line=Not%20available

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'report-sample' 'nonce-2gx3Vqp_I96MMmce7-YtLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 12 Feb 2024 01:57:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'report-sample' 'nonce-2gx3Vqp_I96MMmce7-YtLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.oXt0Mc... Frame 4119 10 KB
4 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.oXt0McP_Wv0.L.B1.O/am=gEEa/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj27D7LPUSvkiC1Td3klR0Fbf464g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18bbda046e6943d4984c0b9de59c56297c71aa317fdb0aff88e4cbf504f79151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4131
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 22:50:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 21:14:10 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.oXt0Mc... Frame 4119 37 KB
14 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.oXt0McP_Wv0.L.B1.O/am=gEEa/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj27D7LPUSvkiC1Td3klR0Fbf464g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dac63bdf453fab3e4b3afac803bd0186a87b4f6a8838a9c1c3ee7e9020fdd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14329
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 22:50:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 21:14:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 202ms
54ms Preflight
text/plain 2a00:1450:4001:806::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 12 Feb 2024 01:57:52 GMT
expires: Mon, 12 Feb 2024 01:57:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame 4119 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 200ms
52ms Preflight
text/plain 2a00:1450:4001:806::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 12 Feb 2024 01:57:52 GMT
expires: Mon, 12 Feb 2024 01:57:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame 4119 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 201ms
54ms Preflight
text/plain 2a00:1450:4001:806::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 12 Feb 2024 01:57:52 GMT
expires: Mon, 12 Feb 2024 01:57:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame 4119 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 199ms
52ms Preflight
text/plain 2a00:1450:4001:806::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 12 Feb 2024 01:57:52 GMT
expires: Mon, 12 Feb 2024 01:57:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame 4119 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 199ms
53ms Preflight
text/plain 2a00:1450:4001:806::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 12 Feb 2024 01:57:52 GMT
expires: Mon, 12 Feb 2024 01:57:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame 4119 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 182ms
54ms Preflight
text/plain 2a00:1450:4001:806::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 12 Feb 2024 01:57:52 GMT
expires: Mon, 12 Feb 2024 01:57:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST TrackEvent
tpx.virtuoussoftware.com/api/ Frame 9EBE 0
0

OPTIONS TrackEvent
tpx.virtuoussoftware.com/api/ Frame 0
0

POST csp-report
q.stripe.com/ Frame 22AA 0
0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 22AA 87 KB
14 KB 50ms
49ms Script
text/javascript 2600:9000:26da:fe00:19:7d10:bd80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:fe00:19:7d10:bd80:93a1 -, , ASN (),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:56:50 GMT
content-encoding: br
via: 1.1 577c189d14f20f4f61c76d2711499f1c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 62
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: MUC50-P4
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: uMuJkNGXNneatXSC_XPpmudCBIyxdRkyh6njKNBp7s_PEIS2dqJ3yg==

POST b
r.stripe.com/ Frame A401 0
0

POST 6
m.stripe.com/ Frame 22AA 0
0

GET js
www.paypal.com/sdk/ Frame 15F9 0
0

GET
DATA 200
OK truncated
/ Frame 15F9 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET countryRanges-9ffc15b92962ca316164b9a5ff4c1917.json
js.stripe.com/v3/fingerprinted/data/ Frame ED63 0
0

GET u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame ED63 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: www.paypal.com
URL: https://www.paypal.com/targeting/graphql?disableSetCookie=true

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: tpx.virtuoussoftware.com
URL: https://tpx.virtuoussoftware.com/api/TrackEvent

Domain: tpx.virtuoussoftware.com
URL: https://tpx.virtuoussoftware.com/api/TrackEvent

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.10/HCaptchaInvisible.html?id=771c42b0-6998-49e3-bf26-bbd981190e0c&origin=https%3A%2F%2Fjs.stripe.com

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: tpx.virtuoussoftware.com
URL: https://tpx.virtuoussoftware.com/api/TrackEvent

Domain: tpx.virtuoussoftware.com
URL: https://tpx.virtuoussoftware.com/api/TrackEvent

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: r.stripe.com
URL: https://r.stripe.com/b

Domain: m.stripe.com
URL: https://m.stripe.com/6

Domain: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AU4mTEyH00JLVq0539shoRwLomT6d2fUy3YcX1YK_8voDMI6_G-JzMWrcbzrjtFK2l17aHobVJMxWzPB&currency=USD&intent=authorize&components=buttons,marks,funding-eligibility&enable-funding=venmo

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/data/countryRanges-9ffc15b92962ca316164b9a5ff4c1917.json

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.raisedonors.com/	1970-01-20 18:21:44	Name: __cf_bm Value: Ur0rT.sW2zQyFOlA078TlHTCUcXQw.MnMeRDkVG7SLE-1707703069-1-AXByty1DeayZDc/nLORzDl9RkroH4EsXMZGg4sqzsw/QgwcI3PiEF0XWZvQYai+/MezIqqjd8GMiKdHqt6zpuU4=
.raisedonors.com/	1970-01-21 03:57:43	Name: _ga_ZW7V09F20F Value: GS1.1.1707703070.1.0.1707703070.0.0.0
.aul.org/	1970-01-21 03:07:19	Name: _hjSessionUser_3842386 Value: eyJpZCI6IjdlMDMxMzQwLWFiNmQtNWQzOC04NjE4LWEyMDA2MWZhMDliOSIsImNyZWF0ZWQiOjE3MDc3MDMwNzEwOTksImV4aXN0aW5nIjpmYWxzZX0=
.aul.org/	1970-01-20 18:21:44	Name: _hjSession_3842386 Value: eyJpZCI6IjY2OGM0YjEzLTViMDYtNDgxNi04ZTgyLTFhMDM0Y2VkYzY1YyIsImMiOjE3MDc3MDMwNzEwOTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.raisedonors.com/	1970-01-21 03:57:43	Name: _ga Value: GA1.2.687713120.1707703071
.raisedonors.com/	1970-01-20 18:23:09	Name: _gid Value: GA1.2.605312725.1707703071
.raisedonors.com/	1970-01-20 18:21:43	Name: _gat_gtag_UA_47436227_1 Value: 1
.google.com/	1970-01-20 22:45:14	Name: NID Value: 511=o220D6hh7bZKs4NNT8UpN98IWwpaXLpzbjmhHZ1LR-O6V3x0aLBB_6DyEFNmvXDUM0UBrnJNDmAzpBzgoszBaa-eThMAzDAKgOzK_r6PL8STubTpUcDrQphwNM_R2uTcgL-_UeJG8ePqyy0sNZ_QPcM-BnmMFhOMyTqXtKEY_x8
.raisedonors.com/	1970-01-21 03:07:19	Name: cf_clearance Value: 8L9HmT.QsmqOEYxb6gbNy_GQ8MYQuVTDs39t_7Yqfr4-1707703071-1-AWKvfJL07d6J9n5gNGmF7gtdqMjGEVweg0InmwtF/UZ94NLl8t67vo+YScXGiAjGDFT2/2XiepX/WUCZJxsT9D0=

162 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://aul.org/give/(Line 353) Message: Unrecognized origin: 'autoplay'.
other	warning	URL: https://aul.org/give/(Line 353) Message: Allow attribute will take precedence over 'allowpaymentrequest'.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
violation	error	URL: https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js Message: Permissions policy violation: payment is not allowed in this document.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
violation	error	URL: https://pay.google.com/gp/p/js/pay.js(Line 318) Message: Permissions policy violation: payment is not allowed in this document.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
violation	error	URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.baa4aRU1-I0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.oXt0McP_Wv0.L.B1.O/am=gEEa/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj27D7LPUSvkiC1Td3klR0Fbf464g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le(Line 243) Message: Permissions policy violation: payment is not allowed in this document.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.wp.co.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aul.org
b.stripecdn.com
cdn-dmecc.nitrocdn.com
cdn.plaid.com
cdn.virtuoussoftware.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
nitroscripts.com
pay.google.com
pixel.wp.com
play.google.com
q.stripe.com
r.stripe.com
raisedonors.com
region1.google-analytics.com
script.hotjar.com
secure.wp.co.de
ssl.google-analytics.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
t.paypal.com
tpx.virtuoussoftware.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
b.stripecdn.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
play.google.com
q.stripe.com
r.stripe.com
tpx.virtuoussoftware.com
www.paypal.com
151.101.1.35
151.101.129.21
151.101.192.176
18.173.154.79
18.66.97.10
192.0.76.3
192.0.78.203
192.229.221.25
198.202.176.201
2001:4860:4802:32::36
2600:9000:26da:fe00:19:7d10:bd80:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3037::ac43:c2dc
2606:4700:4400::6812:2197
2606:4700:4400::ac40:9af8
2606:4700::6810:3965
2606:4700::6810:4387
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9a
2a00:1450:400c:c0c::5c
54.187.119.242
99.84.88.12
0214dfcaca56861b7c92d54ca27603d803ad59aa64ff2c15d44f2855713979ef
03fedc482089d542893c9fa4054b9a4e71cb3109b9fa3a1e539570609015fd63
0437c73712c406b350d5dc1154b998ed850634e2d298baea405aecb550d8fe98
047fc91657b811cf7aa56db521a73b8b7f7213ccd66ae48fe49d6fc0e03c9afb
04f257cb8e739e1a691315c1702e4561478ff6708b0dd43447fe2d5b9928dd8c
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
082af8c0b4fcf99a055d205651d14c4a6c4d257176e0d5ace9c98f6093749622
0b904eff99fe4511a7a4eafc8ae8fccc8e15ee0febd01827783c559cbef69514
0df50ad40e7a4372ad40371b063628eee9ef379debecfb6c1cf8f51d7d97d3db
0f230f66d85876bf17c138ebf7e5c3071a28e41455b63f4756f59d23137e1eee
0ffcc74dfe4aa0a896a2569c916647bbe690c4c1e789468baf21eaa7c528ae97
11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12a3d81034186b0940fa1445649ff565514f1e3f5a03a0baae205e0dd48b4a81
1480dde465c92981da40ccf7258d0c58c707be591589060515d5cbf36c5d86d2
1882608f84e795b684548d2f468653fd68c50b3a8dbb3b63a28537112222a208
18bbda046e6943d4984c0b9de59c56297c71aa317fdb0aff88e4cbf504f79151
18c157eb0fcde84810fd735db288a79674a0f1aa82186c54a34d760e6cb837b9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1ea56af5464914be26afbdde0f37b0621382a3136717ddf9f7d07d1b32368d97
1eb645a1ca6fcf3170fec1970e9288b3fcc79333f63ae7e69b1eedd9c2e34575
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
20cdaa9fafe6e52e0ae2f7edf5657307d6a138e355a7396b9c6d5ebf00e7ea2f
216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252
221a099f1d681d3b9f12ea559f341358e73388c4d93241d396a54f3badf50e9c
2236ae164d75453dae024999d870d8567b36843338cf4dc4f6d862621c1c20c1
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
27218b92f081fd6f24b29e35cea015752bd378fded5f03fca91286946e06e7b0
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
290f298e1bb2bdcb4feccae77ba34dbc0cdccadbbcfa8489d758edb282bd1f31
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
2b3696ef852f018e3b130f41487d1e664cb1843d9c34917a7e1ef2b52742caf2
2c45b6018532733b4221ea6cb262260f70f91feaa19a20185f5ca042dedb5308
2cd2e545c3495b80d070e6b49e00e9b3206cc9018b5d0457f403a5884b1e3240
2f687253384db21f3f1b42df9ae9f8831102c777c0eeb995c322106d950de418
30060e4904aba669f6b64947e5d9310ffd35b1e0b7518286c4d83c013bc2b949
315ff4e09430a63587b8ff2e41410cfeb048adc3654bbd51d057bdc3a49b6338
324bb616ac703488037fe267d3be4a9c9e06ab38861d8b0574689b5b5c006f7b
339be152a2399ee136d14d580bf4af802532288abd004db246c63f264d6b7e6e
34ba190dced0cd523211385c8346770b28fcd3670476854297483a815d2cb4ce
358cf27d0edfb059ee395e889adffcd4aee6e67d4a77cb21af50cce586eaf90c
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3b4dcfb0dc16f4862c772a5d80c1d79731317b1a123969647443c9a49d3a0c3a
3b74ca24dae2a0879a87065ef531d4aabce64ef298f43cb9d2b33976d74ad184
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43408b83c4204c88df63426b6208c663b9fb4eb0c971eec1d039a2a0f577b0e6
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
456a31c4288a270285fc58458798d16a89458b49a517fdf31c1d77fd89667632
4610645b1245a36f01a7d579bd6aace0985b94a517646b560baf99d92fbefbbc
4735fb186005bd963d9faaed72d629dd52e23f2ffbf15a858db21c354261b121
4a41dc0fa8ead56ab2f0b42f5844ea6cfe215b1b3bdacbd4e4f66e3a27f756d1
4e03be949642d58ff54506feed064bf07bbb2a5747f6b2d4ebf451aff85ce327
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
51718c08ac1ee90b97121d41b07ca77129517943edbf8d3c0d9245447ecacb16
52501bf1dac2e548211e7bc853d468c59188c132930259775f22aeb3d24adf70
52fb7e9057452b20c007eb6591bd75bcd68128125365b1dcbd98819c75766068
53aedf76966c997ecfeae51dcf419275dbe370c19d647f54334d2c9b195bcae8
55561348492a1330f7ff4c88e4b01dd64d6e5d641e00cfb612c7fcadafd7ff00
55a74b8700189b6c9e81dbe2d31ccba09f625f13246b35ed61d733146b0ea9d6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba1723c67552195c15a49627cf39083f1b47f3bbb43e37326c7970eb8cb376b
5ba6e23139b4682a6d8a8de77d38b3c8b44afbdee419762340e15447cdc82023
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5cd875586dd9c174536652e39c58366c1f2afef7890952938836f6b5efbfb9ff
5dd3c98473cbaf2a8262fa7028a79152979081943add46624ad307bbf9e46043
5ec67497d2aa84546d6d191449c2fa7eab10fbd192d9444fc4c259a31c70f21d
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
5f977f7407c2373f19caa9835356ccce3c6cc5957a9affdf1fe9f6643617a90b
5fb200e444385808218be1153a595f5df230b0bc7624a10bd0045e5fe0dab01f
6008ce5d8cdfdcb714cc2d2fef5793558015dcd2cf1cfca3fc3b9962d998a545
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
6331d236b1d670a4fbecda11171543b2714d340fd9c80996cc2c607077f5ca89
63f21f17cf6e41efcf6e60880f32255c03353fe95e2a44444324f54c5bc0c826
66e324493b6a145a004d03c0548370be06c879ef95e8072ff8247d0964b26499
6af89a1437c3952e599cf3d9cd7ccb26c2d8bdabf267b15a16b5a3b4ff924308
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc32bb5e7ae682a349417150239aa22f5f6f6029230f2f765d0412867ef6caf
6bc56184857ba81ffbc277a043d22686cf1b2fc6cff53be84e92ee4915c242e8
6c93df9a115ee393c2c21092ca22f0282c7b28e1b02086ab72d6efde86245ce6
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6d8d82ff2386240ee74a5d7c2982e37ff869ffb1f04bb91da5583610305439ff
6f02651797a845b42781199e025c8a967306f86229a3bd3d47933f74fd7e7780
6fc410b679d90897e3f8ec9e8a64e3fb699912d30122676c6dc257777034e615
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
72918cdadc2cabf0d405e4c6bca2e9eb69f58e4bd2116122ac1d460d5681a252
77b3679bc42dc633c9e1c6211e6af851fea08700dda02090c40651e33e88399b
77eacb73d85e518f2bcd25cad6807b3fe62a1ba7316cbfb302a987924e558335
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0
7d613b424537e343148e3fb0bcd1a4a8cf1b6cb88b3e20f4b3a07538a18f30e7
7ec7ecc6550b3e5433a82e203186b93922accbdd828b64d773115f55c4849775
808154b693e6eefcec5d2a01fe413d636d9e4557dfb338e9eaa61092af22dd68
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e
859a548b863dd42958a781bf8782e0867d3a8fc29168cc402b2e5a4d6df9e547
85ac95feffe5abad7ac4eb34658df85b1e1c51ae381ed1c01edc02747b75b2bd
870487091507c35dc307e611668912d4aa11a67c5fdfee12adb8e47f7f50888c
8a6ab68533e15f6ec00ff0d9cdece5099e680a71d1f89dc765a9b08585ba7c47
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8dac63bdf453fab3e4b3afac803bd0186a87b4f6a8838a9c1c3ee7e9020fdd47
8f789fbd28a77ad55d513777b1d5bf740971be4efd5b5afe04f5ee3e813c96a1
91e4dc2c2a3b780c1c7e4a598d1b27e937f990e09f7dc4ea7f38f52dcacf7767
92c2c58d2e8414378407dfa3e9f1d38fb5f9aac4ff16711bcd28578d4177ebb7
92c6c068ba3bc54d10f8946a1da59baca4cd3ba45784bc96687223ad3034d5d4
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9662a2ca585c0c1ab55628dc1fb609eec2d5cdc357cefce5bd59a7fd9f524879
99f616c6d45abe6674604a6cecea1a644bef34e62811b6a947813f5a070a9646
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9d4a878e83049dedff9e7ad170c2c1f39f7fa423671d59fa2d623849b84457e0
a12b2bda65973e805ad713e77fac20f5a9589c7da0b43a09e01b4ab496735935
a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed
a5079ee53fb15f820a8280ed3ce8cf896d053a228f8d44e39992d9b75dae8825
a9b24c874778fcf957840190bdbee891232fa9b5b24e123ec5dff9d07bddd9bd
ac8a417ff2a8f4d10a74e81bfb9f1301cd49d408a68f0bd76ebd4713465b0c98
b0bf8c14473b638e5983e892b82395cc71a4b702ebc1d7bb494431d144537633
b2410dc83ade49be2868fcf4f3ebda1d448d9ea9c55361a8bed919b6615137f8
b3152565ddf9b65353d3900e15e25a820693315d88140a5e49d2acdaa557d0b5
b3b9e87f54d064e14546fa427e05092a9587f43cf28635331dfc040d506224b7
b50b8f84b7753aaa8dd13d6070e17f2c39faf67d5c69220068ab4153497a3edb
b7e9bcafece9a9f7fab2983d643869dea1e448867fd7f7efb78b2efc0e025c54
b9cd5ebdee571591bf7af5cf6cf5d0d1ad5289f06a39be3e7cf426e2796f62f3
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba27f21a0eb6f275c2bfd3922f40a7875682865c7a9d661983dd0a17921dce01
bf27313110241ec86252f234452ff739c7a9ff9622b94396be1f6b58dff62be4
bfc23481ffba55d85754f61908cba9c583eec7fac83b74b2b58b4678981fe0e2
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c55fd69d07d9c588869307dfa2b0a4fafa16c85b99e5e66c7963d57348b19126
c71ef4264fb1c3a84f2b1e5ec8d87d852d1d62b1eee97ef3874091cd6cea9798
c899038c8e2905f25adf7b9ea7a570c55e14364559627a57430a7aa070774a55
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
cded24859e08df69816c081b30fa2a3d264d1fbfaa133418b6834b4e04d0c742
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8cf11fb0206805c341cf15243f44e92d294b6070d6924993eee63edb91a11c1
d9b7faa0259f5b0961455f53b4a507fba4bd0ed70dffac0bdaf2f94298c74b40
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dd46f96b6f47fcd33683b79ddfaf3daca1d4f8aeba3c0f2bde1584c69cc699d4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df67a4dc5c686052427d1de8e371218a5988fa47d9771280a6734aa5add1e86c
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0e2e4f3925ac951585a8e9a50a38861646106b56c059d111b80da01eb5976d5
e0f7cc62e8e2a2ec85badc0b8af1af5403de08418d49e067b79f95d5c97bd220
e1af30e31c72c05af66a8b73b2aa7a024c7ba2459b7c963ca6a39ab621fe4094
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e2487e0c110178dbb2c7c2e78671aeebe08a3dba6fafd7ae681f2c944d44fe07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55a3571ea06801a47858d2b5a72acf068af7787536d37e2528324f8ff82108f
e629e8296771153d957e62b6a2e962a6818f5d3b6681f5a4bcc5722f20134311
e6d3be47ba8883065b9b91b899ecdd4cbab3176d5f8183f28610fb36dd6ccdbd
e6fb92afd631c07f3234723f9cdb942832dc94cf4576de516da2ca63336ced6a
e73f8f9d8236d08586f15cad4a33367bd427086143bcff1a76ce9e166c5c52e5
e7dae77bc6dd7a646f60d9f8341c4180834c91e93afe860471e18aa58b38a036
eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b
ed1dcedd768d865304dfe956bf03b60bfdef910af5801ef4bacbaa45935e29aa
ef94527ba375b4c6d9ed7ca05c655a46f13e112df8d032d81d8b6895ee5137d5
f08b4aaa60f6c15976f65c7df818fbbb3fd6672fcb6a1e6d13872848d609f759
f32da6bf81134c664b32582076b8260b3b614d508d5c651d0907b581df2a9323
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f59fa14fd1be6338281d64b9e0fe709b26876892d598eb3fe2eb10c253af59bf
f8e37527996d0530694a2a8ddf6afdcf28cc8a05e50ce3ce9d3f2f743b04659f
faafe3e96e65d2a276327814db60cb56cca568cfbd27a8ab73b8edbdb585c550
fab00559856e8577ade8b90890d5dbc0c015b861f591c70f1ca740121b916c15
fada5e875ab12624f35a83d24a3cae00dd7d398d8f614860375beb79670dc26e
fb35d54ecd5bfd50db4bfa50b634994e895c399bed2048c66f85669c4b7c0b5c
fbf828e0b8c2dabec1bf8a0c339c6341055e5f38d587a9ed7fbdca5e5b051053
fc8c00f9c709b002856df234b920785bd69ba089627ab5197b65e4bea07fafe4
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c

secure.wp.co.de Open in urlscan Pro 2606:4700:3037::ac43:c2dc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

233 Requests

80 %HTTPS

62 %IPv6

21 Domains

33 Subdomains

30 IPs

3 Countries

4035 kBTransfer

13690 kBSize

9 Cookies

0 Outgoing links

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.wp.co.de Open in urlscan Pro
2606:4700:3037::ac43:c2dc Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

80 %
HTTPS

62 %
IPv6

21
Domains

33
Subdomains

30
IPs

3
Countries

4035 kB
Transfer

13690 kB
Size

9
Cookies

233 HTTP transactions
17 data transactions