donate.heritageaction.com Open in urlscan Pro
104.20.4.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://secure.heritageaction.com/
Effective URL:
https://donate.heritageaction.com/donate
Submission: On September 13 via automatic, source certstream-suspicious (September 13th 2021, 3:12:53 am UTC) — Scanned from DE

Summary HTTP 120 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 120 HTTP transactions. The main IP is 104.20.4.67, located in and belongs to CLOUDFLARENET, US. The main domain is donate.heritageaction.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2021. Valid for: a year.

This is the only time donate.heritageaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.203.182.246 159.203.182.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 9	104.20.4.67 104.20.4.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
4	142.251.5.95 142.251.5.95	15169 (GOOGLE) (GOOGLE)
2	13.225.25.33 13.225.25.33	16509 (AMAZON-02) (AMAZON-02)
2	64.233.184.97 64.233.184.97	15169 (GOOGLE) (GOOGLE)
2	185.60.218.24 185.60.218.24	32934 (FACEBOOK) (FACEBOOK)
7	64.233.184.138 64.233.184.138	15169 (GOOGLE) (GOOGLE)
1	64.233.184.155 64.233.184.155	15169 (GOOGLE) (GOOGLE)
4	142.250.102.92 142.250.102.92	15169 (GOOGLE) (GOOGLE)
2	13.225.25.14 13.225.25.14	16509 (AMAZON-02) (AMAZON-02)
4	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	142.251.5.154 142.251.5.154	15169 (GOOGLE) (GOOGLE)
3	74.125.133.104 74.125.133.104	15169 (GOOGLE) (GOOGLE)
27	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	74.125.71.157 74.125.71.157	15169 (GOOGLE) (GOOGLE)
3	185.60.218.35 185.60.218.35	32934 (FACEBOOK) (FACEBOOK)
1	34.215.192.98 34.215.192.98	16509 (AMAZON-02) (AMAZON-02)
5	66.102.1.94 66.102.1.94	15169 (GOOGLE) (GOOGLE)
13	142.251.5.102 142.251.5.102	15169 (GOOGLE) (GOOGLE)
120	20

1 159.203.182.246 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

secure.heritageaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.20.4.67 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

donate.heritageaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.5.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.25.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-25-33.cdg3.r.cloudfront.net

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.184.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.218.24 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 64.233.184.138 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.102.92 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.25.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-25-14.cdg3.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.133.104 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.218.35 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.192.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-192-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 66.102.1.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.5.102 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f102.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	stripe.com js.stripe.com r.stripe.com q.stripe.com m.stripe.com	629 KB
20	google.com pay.google.com www.google.com play.google.com	384 KB
10	heritageaction.com 2 redirects secure.heritageaction.com donate.heritageaction.com	231 KB
7	google-analytics.com www.google-analytics.com	40 KB
5	gstatic.com www.gstatic.com	101 KB
4	googleapis.com maps.googleapis.com	168 KB
3	facebook.com www.facebook.com	505 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	stripe.network m.stripe.network	20 KB
2	facebook.net connect.facebook.net	113 KB
2	googletagmanager.com www.googletagmanager.com	96 KB
2	cloudfront.net d35ligi1n5bgzc.cloudfront.net	211 KB
1	googleadservices.com www.googleadservices.com	14 KB
0	revv.co Failed app.revv.co Failed
120	14

	Domain	Requested by
27	q.stripe.com	donate.heritageaction.com
27	js.stripe.com	donate.heritageaction.com js.stripe.com
13	play.google.com	www.gstatic.com
9	donate.heritageaction.com	1 redirects donate.heritageaction.com
7	www.google-analytics.com	donate.heritageaction.com www.google-analytics.com www.gstatic.com
5	www.gstatic.com	pay.google.com www.gstatic.com
4	r.stripe.com	js.stripe.com
4	pay.google.com	js.stripe.com pay.google.com donate.heritageaction.com www.gstatic.com
4	maps.googleapis.com	donate.heritageaction.com maps.googleapis.com
3	www.facebook.com	donate.heritageaction.com
3	www.google.com	donate.heritageaction.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	connect.facebook.net	donate.heritageaction.com connect.facebook.net
2	www.googletagmanager.com	donate.heritageaction.com
2	d35ligi1n5bgzc.cloudfront.net	donate.heritageaction.com
1	m.stripe.com	m.stripe.network
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	secure.heritageaction.com	1 redirects
0	app.revv.co Failed	donate.heritageaction.com
120	21

This site contains links to these domains. Also see Links.

Domain
revv.co
51776-info.com
heritageaction.com
support.revv.co

Subject Issuer	Validity	Valid
donate.heritageaction.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-01-12` - `2021-09-29`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://donate.heritageaction.com/donate
Frame ID: D107B3E848F5D384FDE791B3BA1AD1A8
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: B90EAFA7D04CC62FFB675210204DD0D7
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html
Frame ID: D4CAE77CEA89DAA306FEE8E00AB294B3
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html
Frame ID: 8AA694F397734B7BBCDB8C97931F31AB
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html
Frame ID: 8832EBF4D542573A561B6773308775D5
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html
Frame ID: 1B51002CB00C62D87AB72EB56FB20677
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-2d4423af5476abe0df44ba730a448f21.html
Frame ID: 12C53A66A49503FC08B51FAFC3E92371
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 07B1197E05B54E46DFE853FD67C9D637
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 50488E438B6699321D0EC71961C9CE84
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html
Frame ID: 10A08E28E01C0E95D72D96D568ED5E0B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate Today! | Heritage Action for America

Page URL History Show full URLs

https://secure.heritageaction.com/ HTTP 302
https://donate.heritageaction.com/ HTTP 302
https://donate.heritageaction.com/donate Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

120
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

20
IPs

4
Countries

2010 kB
Transfer

6678 kB
Size

17
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://revv.co/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://revv.co/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://51776-info.com/
Title: terms & privacy policy

Search URL Search Domain Scan URL

URL: https://heritageaction.com/state-registrations/
Title: State Registration Disclosures.

Search URL Search Domain Scan URL

URL: https://revv.co/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://support.revv.co/en/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://secure.heritageaction.com/ HTTP 302
https://donate.heritageaction.com/ HTTP 302
https://donate.heritageaction.com/donate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

120 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate Show response
donate.heritageaction.com/
Redirect Chain

https://secure.heritageaction.com/
https://donate.heritageaction.com/
https://donate.heritageaction.com/donate

33 KB
9 KB

163ms
162ms

Document
text/html

104.20.4.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.4.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195e613b7249e1908f9f4e94ed8d5944081964c2e9b797b32417629b941f8a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: donate.heritageaction.com
:scheme: https
:path: /donate
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Sep 2021 03:12:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-revv-cache: Hit from Revv
set-cookie: _revv_v3_session=eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba; domain=.heritageaction.com; path=/; HttpOnly; Secure; SameSite=None; Secure
x-request-id: 219a2fe3-795b-4be7-a3f8-11437e11dd7f
x-runtime: 0.020618
x-rack-cors: miss; no-origin
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68de32231c532784-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 13 Sep 2021 03:12:46 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
location: https://donate.heritageaction.com/donate
cache-control: no-cache
x-request-id: 5512761c-985a-4438-83fb-49612302c8a6
x-runtime: 0.022614
x-rack-cors: miss; no-origin
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF; path=/; expires=Mon, 13-Sep-21 03:42:46 GMT; domain=.donate.heritageaction.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 68de32220bc32784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
js.stripe.com/v3/ 248 KB
61 KB 288ms
6ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

807d570c16663e8b11121736937e3855958062e08336811485c38f1df02b6c1f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 153
via: 1.1 varnish
x-cache: HIT
content-length: 61520
x-amz-id-2: gwOVHWfn6GJ9mk6GYNZW9Kmg+7Tnv7c5CuGHlvqdxSxsaE9wKBRsltIvY48OcS4sa/vIYSFwUks=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 19:24:03 GMT
server: AmazonS3
etag: "ff869cfad3b8b35353735d6844c726a1"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 97CH3T32P0MRVVBY
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 22

GET
H3 200 landing_page-205145a105df0cfe48c31181c82ec93fbef8907bfa527923a4a10936993b1f3a.css
donate.heritageaction.com/assets/ 220 KB
34 KB 173ms
172ms Stylesheet
text/css 104.20.4.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/assets/landing_page-205145a105df0cfe48c31181c82ec93fbef8907bfa527923a4a10936993b1f3a.css

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.4.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205145a105df0cfe48c31181c82ec93fbef8907bfa527923a4a10936993b1f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /assets/landing_page-205145a105df0cfe48c31181c82ec93fbef8907bfa527923a4a10936993b1f3a.css
pragma: no-cache
cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF; _revv_v3_session=eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donate.heritageaction.com
referer: https://donate.heritageaction.com/donate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: VYV4DHXET3VTZGKQ
strict-transport-security: max-age=0; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-version-id: Msdfz01TWaIgkjjYu3.UKPIWmaQRGCs7
x-amz-id-2: vbexZUOHVBqRFX43PaLoYsxyZxFmaopT0tHVqXbE+Rk/yUOPNqjqsziiuMmNd1Rbt46X4G79qzg=
last-modified: Thu, 19 Aug 2021 01:56:32 GMT
server: cloudflare
etag: W/"78a9c5647b11f06acfc06f40e6836957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 68de32248e4a411a-PRG
expires: Mon, 13 Sep 2021 07:12:46 GMT

GET
H3 200 1619806663.css
donate.heritageaction.com/stylesheets/rv_page_sG1duxiJyGuXQ9SkYnR5Cvqw/ 7 KB
2 KB 172ms
171ms Stylesheet
text/css 104.20.4.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/stylesheets/rv_page_sG1duxiJyGuXQ9SkYnR5Cvqw/1619806663.css

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.4.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f01594274fdedce530a41ea1b9b04269063329ec3975d2e8ca8afccb090efd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /stylesheets/rv_page_sG1duxiJyGuXQ9SkYnR5Cvqw/1619806663.css
pragma: no-cache
cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF; _revv_v3_session=eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donate.heritageaction.com
referer: https://donate.heritageaction.com/donate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Mon, 13 Sep 2021 03:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 16163a5e-e7a3-423f-addf-b15e4f34324f
x-runtime: 0.031230
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31556952
cf-ray: 68de32248e4c411a-PRG
expires: Tue, 13 Sep 2022 09:01:58 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 146 KB
48 KB 73ms
38ms Script
text/javascript 142.251.5.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f95.1e100.net

Software

mafe /

Resource Hash

80e30d6949eb2ee49bbbe426a526d0b600ef714ed7d484e3db778001f138621f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:46 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48594
x-xss-protection: 0
expires: Mon, 13 Sep 2021 03:42:46 GMT

GET
H3 200 application-landing-page-6a2a9f70565ca97041226a5fc873542ef2315739567d662fe5ce24d796690996.js Show response
donate.heritageaction.com/assets/ 602 KB
170 KB 187ms
187ms Script
application/javascript 104.20.4.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/assets/application-landing-page-6a2a9f70565ca97041226a5fc873542ef2315739567d662fe5ce24d796690996.js

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.4.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2a9f70565ca97041226a5fc873542ef2315739567d662fe5ce24d796690996

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /assets/application-landing-page-6a2a9f70565ca97041226a5fc873542ef2315739567d662fe5ce24d796690996.js
pragma: no-cache
cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF; _revv_v3_session=eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donate.heritageaction.com
referer: https://donate.heritageaction.com/donate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: VYV3SVMBQHQ323M1
strict-transport-security: max-age=0; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-version-id: cCe_56LQ7k_J4VWEHUp5eaZkwjGl_P7y
x-amz-id-2: g3QX1HFluv3A4QPl6r3pgOxrB+dsL/sxm3FvY9oT8czOp0+3VmxQCjfU5VF2Nq3/MSrkIpx/S3o=
last-modified: Thu, 19 Aug 2021 01:56:31 GMT
server: cloudflare
etag: W/"4445d59376848e5cd64439e1c2bda3c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 68de32248e4d411a-PRG
expires: Mon, 13 Sep 2021 07:12:46 GMT

GET
H3 200 api.js Show response
donate.heritageaction.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 19ms
19ms Script
text/javascript 104.20.4.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.4.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF; _revv_v3_session=eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donate.heritageaction.com
referer: https://donate.heritageaction.com/donate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/javascript
vary: Accept-Encoding
cache-control: max-age=604800, public
cf-ray: 68de32260f01411a-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 440px-Heritage_Action_logo.svg.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/013/261/large/ 8 KB
9 KB 405ms
360ms Image
image/png 13.225.25.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/013/261/large/440px-Heritage_Action_logo.svg.png
Requested by: Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-33.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe9a44d87929bf3cd3e9b1ca86d89fe00039068ad84f115eb62f132c37f2a08c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 03:12:48 GMT
via: 1.1 0b0cf39231f2e8a928723d3a28df13cd.cloudfront.net (CloudFront)
last-modified: Sat, 17 Jul 2021 20:33:38 GMT
server: AmazonS3
x-amz-cf-pop: CDG3-C2
etag: "09c8479cc0533761591683a22342c453"
x-cache: Miss from cloudfront
x-amz-version-id: lfhbuddWLYIbjxEk0V8iXdNgErFuYjJC
accept-ranges: bytes
content-type: image/png
content-length: 8660
x-amz-cf-id: YsAov2rnen87gwUdXbiJUQw7ugNMaUyS0eDMKCi4H6pVzyZosewupg==

GET
H3 200 revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
donate.heritageaction.com/assets/ 3 KB
3 KB 165ms
164ms Image
image/png 104.20.4.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.heritageaction.com/assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.4.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
pragma: no-cache
cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF; _revv_v3_session=eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donate.heritageaction.com
referer: https://donate.heritageaction.com/donate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 2TXXSQVC99B43BMX
content-type: image/png
strict-transport-security: max-age=0; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2844
x-amz-id-2: HVG9VXb2d4yvVnwLxg/vHJkVKLmrv7u20XKUWAHehjwJkfxpqf9l6utf0L88GmcnfoQPBtQt11s=
last-modified: Thu, 19 Aug 2021 01:56:33 GMT
server: cloudflare
etag: "0bdbab7164f21196bc848a313a9e20e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: r2P0SC6dP.ZPA3VaeqAiQFn1M728R8d1
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68de32266f3a411a-PRG
expires: Mon, 13 Sep 2021 07:12:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
55 KB 67ms
32ms Script
application/javascript 64.233.184.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b80585b13b99b3727c0d66498a3c7db62de9a69f210f2aa5b4ca883678a1e2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55835
x-xss-protection: 0
expires: Mon, 13 Sep 2021 03:12:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
41 KB 93ms
58ms Script
application/javascript 64.233.184.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9BTZ95

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

af81c6b5192acd2e8e072bc69dc79f2c09d23f8818d65424cea6cbbe87f29737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41924
x-xss-protection: 0
expires: Mon, 13 Sep 2021 03:12:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 114ms
35ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: +1Se/H4/nGfyDr0WH8mNQ3IFTH5/uRF81d9Us93wy5S7CPqDcJ2tPoRIvf6VBtMFXGPH+PUb2iRQuQyY40Bwqg==
x-fb-trip-id: 1082456386
x-frame-options: DENY
date: Mon, 13 Sep 2021 03:12:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 48ms
13ms Script
text/javascript 64.233.184.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1968
date: Mon, 13 Sep 2021 02:39:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 13 Sep 2021 04:39:59 GMT

GET
H2 200 Capitol_3.jpg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/014/403/large/ 202 KB
202 KB 428ms
428ms Image
binary/octet-stream 13.225.25.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/014/403/large/Capitol_3.jpg
Requested by: Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/stylesheets/rv_page_sG1duxiJyGuXQ9SkYnR5Cvqw/1619806663.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-33.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fccc32e79e6f530f4cb8c98187d3056b12ba82de80f9dec22385efdf3834b57a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 03:12:48 GMT
via: 1.1 0b0cf39231f2e8a928723d3a28df13cd.cloudfront.net (CloudFront)
last-modified: Sat, 17 Jul 2021 23:00:03 GMT
server: AmazonS3
x-amz-cf-pop: CDG3-C2
etag: "c679af3addd0df180021d0694fec531c"
x-cache: Miss from cloudfront
x-amz-version-id: pqt62Xg_10FS5j8U2tLzBv93hz6lWKY8
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 206443
x-amz-cf-id: saqgppchEOCGkB5nn5lDXmMYM1XknxiGK0f5RXbg6Kqv68nVs7-I2Q==

GET
H3 200 icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
donate.heritageaction.com/assets/ 560 B
1 KB 150ms
148ms Image
image/png 104.20.4.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.heritageaction.com/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/assets/landing_page-205145a105df0cfe48c31181c82ec93fbef8907bfa527923a4a10936993b1f3a.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.4.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
pragma: no-cache
cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF; _revv_v3_session=eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donate.heritageaction.com
referer: https://donate.heritageaction.com/assets/landing_page-205145a105df0cfe48c31181c82ec93fbef8907bfa527923a4a10936993b1f3a.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/assets/landing_page-205145a105df0cfe48c31181c82ec93fbef8907bfa527923a4a10936993b1f3a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 2TXN9MEHWNJAQ0H2
content-type: image/png
strict-transport-security: max-age=0; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 560
x-amz-id-2: zdX/GqgBnlulZtS2Dxr1hhl8JOtzRk8ZNzvwQk42B77eV5IPezVkU7qBaifkOoMlj22OfBWxsDc=
last-modified: Thu, 19 Aug 2021 01:56:32 GMT
server: cloudflare
etag: "571ee659b7ee9af9291e7dd8176721d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: EowiCyKpYRaUj5u5VTEaLYlqYuqXVUhs
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68de3226cf6d411a-PRG
expires: Mon, 13 Sep 2021 07:12:47 GMT

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame B90E 215 B
510 B 6ms
6ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.heritageaction.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/

Response headers

x-amz-id-2: n5CGoq3m8/1NN94p9nO8fAk5jXsaRWl9qopUqc3cME7sC+xMYX388MDXoDvx20EeAuXeZOXUCOk=
x-amz-request-id: RH6AH8A1EJ6NNNE4
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
etag: "9475bd26486e6119b23924eebd3d561a"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 13 Sep 2021 03:12:47 GMT
via: 1.1 varnish
age: 224
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 65
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 130

GET
H2 200 controller-1bd91c4eab50395fc60f2af1ff892332.html Show response
js.stripe.com/v3/ Frame D4CA 299 B
338 B 6ms
5ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a262049f1c0efa0d8c4cf2b19e063c24143873fa748adb85b5186ea90b3f799e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-1bd91c4eab50395fc60f2af1ff892332.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.heritageaction.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/

Response headers

x-amz-id-2: rBUDMjaOqGY4fYXF4fIiWRxLhM0fc8SRjGIDhCC8gE+G+X6XFCXmsm470HJwKgK9k7EBM6SeJzY=
x-amz-request-id: QECY47KT1CQNNH47
last-modified: Fri, 10 Sep 2021 18:45:28 GMT
etag: "1bd91c4eab50395fc60f2af1ff892332"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 13 Sep 2021 03:12:47 GMT
via: 1.1 varnish
age: 228
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 9
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 156

GET
H2 200 elements-inner-card-d9aba575b8286a0708f263b69334fba8.html Show response
js.stripe.com/v3/ Frame 8AA6 5 KB
2 KB 6ms
6ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fed28fdcf73fc955a69a8750d2922bfa6852db8462a9f228b2cb3e6fbe109734

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.heritageaction.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/

Response headers

x-amz-id-2: zFMA15GI2kzDjEopMk3B4U6K/XXzioPUW8DSLZtzxv7VSvbaWclizIvBqRq6rhSu7TMaZhcWqd8=
x-amz-request-id: TZVXNRMN56QGS56N
last-modified: Fri, 10 Sep 2021 18:45:21 GMT
etag: "d9aba575b8286a0708f263b69334fba8"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 13 Sep 2021 03:12:47 GMT
via: 1.1 varnish
age: 150
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1134

GET current_with_info
app.revv.co/api/v3/users/ 0
0

GET
H2 200 controller-1bd91c4eab50395fc60f2af1ff892332.html Show response
js.stripe.com/v3/ Frame 8832 299 B
205 B 6ms
6ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a262049f1c0efa0d8c4cf2b19e063c24143873fa748adb85b5186ea90b3f799e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-1bd91c4eab50395fc60f2af1ff892332.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.heritageaction.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/

Response headers

x-amz-id-2: rBUDMjaOqGY4fYXF4fIiWRxLhM0fc8SRjGIDhCC8gE+G+X6XFCXmsm470HJwKgK9k7EBM6SeJzY=
x-amz-request-id: QECY47KT1CQNNH47
last-modified: Fri, 10 Sep 2021 18:45:28 GMT
etag: "1bd91c4eab50395fc60f2af1ff892332"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 13 Sep 2021 03:12:47 GMT
via: 1.1 varnish
age: 228
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 10
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 156

GET
H2 200 payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html Show response
js.stripe.com/v3/ Frame 1B51 384 B
563 B 6ms
6ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f4715520a7bc364472be74ae22f933e50c4e33b6fcc161aa1e6b7c6f434adbb9

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.heritageaction.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/

Response headers

x-amz-id-2: Ihs42oxyDZQ9H7AzKb6fedPjaS6QubqctpBWZxfsp9L+Tsz1HPrdNfT1TIL8/yWrdwhcT2sDq6Q=
x-amz-request-id: CP1PJJ92FD3HTE5V
last-modified: Fri, 10 Sep 2021 18:45:21 GMT
etag: "28b6e2406024bf641ca85752d8328927"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 13 Sep 2021 03:12:47 GMT
via: 1.1 varnish
age: 129
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
content-length: 186

GET
H2 200 payment-request-inner-browser-2d4423af5476abe0df44ba730a448f21.html Show response
js.stripe.com/v3/ Frame 12C5 320 B
581 B 7ms
6ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-2d4423af5476abe0df44ba730a448f21.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e297539166b3c991cc591937a4534a7fa5855d20f148439ad6285fcf55faf33

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-browser-2d4423af5476abe0df44ba730a448f21.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.heritageaction.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/

Response headers

x-amz-id-2: 9HyKo00dEoOAaQ4CmI+dViwXEoAXvg93rsQaj4Mqcb0bVUTngzLsM8ANeTjkg6tgHyz37DbbpVs=
x-amz-request-id: NP3E664GR99R0GDD
last-modified: Fri, 10 Sep 2021 18:45:21 GMT
etag: "2d4423af5476abe0df44ba730a448f21"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 13 Sep 2021 03:12:47 GMT
via: 1.1 varnish
age: 110
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 166

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 45ms
22ms XHR
text/plain 64.233.184.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=276060280&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&ul=en-us&de=UTF-8&dt=Donate%20Today!%20%7C%20Heritage%20Action%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1696386574&gjid=1714671142&cid=1544108741.1631502767&tid=UA-16902633-8&_gid=1887336322.1631502767&_r=1&_slc=1&z=307524001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.184.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B90E 1 KB
846 B 6ms
6ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 217
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: kPRAV/wdxaPkilIyK8KQwUxr6uNGx7hIL+kLbO/ZjUciOxY56J9IUFxDfZM3tjRQb068azlESGU=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
etag: "01f873d478053c6a0368329ea08f7a10"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: CZVXKR1VK3H2F6V3
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 65

GET
H2 200 shared-99bc0d38b9c35235d8312653d40e9a86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D4CA 178 KB
45 KB 7ms
6ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e351347260b1e39af4b02e32e6b7048c03ead0b692028f0b3cc247db2032cae

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 231
via: 1.1 varnish
x-cache: HIT
content-length: 45626
x-amz-id-2: tZ+uCZWRh63k19hMtZJUd5C/o/DhIA3DBPFP/rUEiTaazPOB0AqXl8WKUn5A5d3pvvYGP+6bS7I=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:22 GMT
server: AmazonS3
etag: "c9dbb5bb7dfda2f33137e1dbb9a24d6c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 24CXWY342JF9QJK4
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 10

GET
H2 200 controller-eb45372b08a3059143bcbb5926ea10b2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D4CA 186 KB
43 KB 10ms
9ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-eb45372b08a3059143bcbb5926ea10b2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29592bdddb13de2e24d6bf9718ab1eca6ab85b99eb0b7062c2b7467ee79a33ea

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 221
via: 1.1 varnish
x-cache: HIT
content-length: 43501
x-amz-id-2: GtMNinlYH53+B4514TbDfty7iK7EN5butyWTQh0LgwFPVqoTP2QDzAvVhfqFPOR+meAx3qxNjD8=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:22 GMT
server: AmazonS3
etag: "b2707a2bb44231dcf04f633e8054b2e4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 24CPBBENWDF789VZ
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 9

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame 8AA6 17 KB
3 KB 12ms
11ms Stylesheet
text/css 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 50
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: o1v561uZr2k51Vvu7BQPU+pN6Ug8JKmKuTVkbHjQzR9mLCAUXrDAzE5VG9/99tywXGFMFJIKuTU=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: NSW4TCPK5RD69VSA
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 2

GET
H2 200 shared-99bc0d38b9c35235d8312653d40e9a86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8AA6 178 KB
45 KB 12ms
11ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e351347260b1e39af4b02e32e6b7048c03ead0b692028f0b3cc247db2032cae

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 231
via: 1.1 varnish
x-cache: HIT
content-length: 45626
x-amz-id-2: tZ+uCZWRh63k19hMtZJUd5C/o/DhIA3DBPFP/rUEiTaazPOB0AqXl8WKUn5A5d3pvvYGP+6bS7I=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:22 GMT
server: AmazonS3
etag: "c9dbb5bb7dfda2f33137e1dbb9a24d6c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 24CXWY342JF9QJK4
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 11

GET
H2 200 ui-shared-50d8eb5ba58d8c080f23c2a1914e4e34.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8AA6 218 KB
63 KB 13ms
13ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-50d8eb5ba58d8c080f23c2a1914e4e34.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7ed76d5c5b5fe75d167de2d539bdd5f876a64689d9cd8233bd0dfa811fb7f55

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 262
via: 1.1 varnish
x-cache: HIT
content-length: 64009
x-amz-id-2: PqOsG7A1ZYn7kOuH/r+QoCCS5tMnJ9wJqDdVk96rihhnHaXSekPAgHXZr+4HBOz8aAJudAh0kkM=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:23 GMT
server: AmazonS3
etag: "be85fa3fcea3620b6727a81338a4dbd3"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: NV9TYBPHCKWJ73MB
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 6

GET
H2 200 elements-inner-card-cbd0a8d0cad722f1fa6469d666456a03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8AA6 46 KB
12 KB 13ms
12ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-cbd0a8d0cad722f1fa6469d666456a03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

39bdfb7dcb123f54b90fda7938861f05af7360a3f780a333b635e19c30d666c3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 262
via: 1.1 varnish
x-cache: HIT
content-length: 11424
x-amz-id-2: JFE7vHwiESUl8pUxhJGPPBRBs620/jhSXaYV9a0apGO7oKROx9iDIznPhw0kEg1C9u85XL+aIi0=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 01:27:56 GMT
server: AmazonS3
etag: "6571d92699f7801456e98fba573c025d"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 7RNHN1MT82SWBJTY
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 5

GET
H2 200 shared-99bc0d38b9c35235d8312653d40e9a86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8832 178 KB
45 KB 16ms
16ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e351347260b1e39af4b02e32e6b7048c03ead0b692028f0b3cc247db2032cae

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 231
via: 1.1 varnish
x-cache: HIT
content-length: 45626
x-amz-id-2: tZ+uCZWRh63k19hMtZJUd5C/o/DhIA3DBPFP/rUEiTaazPOB0AqXl8WKUn5A5d3pvvYGP+6bS7I=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:22 GMT
server: AmazonS3
etag: "c9dbb5bb7dfda2f33137e1dbb9a24d6c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 24CXWY342JF9QJK4
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 12

GET
H2 200 controller-eb45372b08a3059143bcbb5926ea10b2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8832 186 KB
43 KB 15ms
15ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-eb45372b08a3059143bcbb5926ea10b2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29592bdddb13de2e24d6bf9718ab1eca6ab85b99eb0b7062c2b7467ee79a33ea

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1bd91c4eab50395fc60f2af1ff892332.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 221
via: 1.1 varnish
x-cache: HIT
content-length: 43501
x-amz-id-2: GtMNinlYH53+B4514TbDfty7iK7EN5butyWTQh0LgwFPVqoTP2QDzAvVhfqFPOR+meAx3qxNjD8=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:22 GMT
server: AmazonS3
etag: "b2707a2bb44231dcf04f633e8054b2e4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 24CPBBENWDF789VZ
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 10

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 22ms
22ms Script
text/javascript 64.233.184.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.184.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f138.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2107
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 13 Sep 2021 03:37:40 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 50ms
17ms Script
text/javascript 64.233.184.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9BTZ95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f155.1e100.net

Software

cafe /

Resource Hash

8227a862b924b10dd6f1937cc73288d73111599d2968728fc762baf159cc3e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
server: cafe
etag: 16185193972789726432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 03:12:47 GMT

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 1B51 96 KB
31 KB 194ms
124ms Script
application/javascript 142.250.102.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f92.1e100.net

Software

ESF /

Resource Hash

9019bbfb65880611d2346193e26d40a607bfafd33218a6b022addbecb3ffa045

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6ZyEN7gCV+b+A7Skrukxjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-6ZyEN7gCV+b+A7Skrukxjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
content-security-policy: script-src 'report-sample' 'nonce-6ZyEN7gCV+b+A7Skrukxjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-6ZyEN7gCV+b+A7Skrukxjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Mon, 13 Sep 2021 03:12:47 GMT

GET
H2 200 shared-99bc0d38b9c35235d8312653d40e9a86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1B51 178 KB
45 KB 7ms
6ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e351347260b1e39af4b02e32e6b7048c03ead0b692028f0b3cc247db2032cae

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 231
via: 1.1 varnish
x-cache: HIT
content-length: 45626
x-amz-id-2: tZ+uCZWRh63k19hMtZJUd5C/o/DhIA3DBPFP/rUEiTaazPOB0AqXl8WKUn5A5d3pvvYGP+6bS7I=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:22 GMT
server: AmazonS3
etag: "c9dbb5bb7dfda2f33137e1dbb9a24d6c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 24CXWY342JF9QJK4
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 13

GET
H2 200 payment-request-inner-google-pay-320e6550ad8b433ab72a87590dfee30b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1B51 13 KB
4 KB 11ms
10ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-320e6550ad8b433ab72a87590dfee30b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1b8fa2ec891dbc4865e965c691b3396fbb88f5cc8329d9a92d97b36fbb452097

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-28b6e2406024bf641ca85752d8328927.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 160
via: 1.1 varnish
x-cache: HIT
content-length: 4338
x-amz-id-2: DmLjTPMMtxvQ6mopN+5T+9tTztpPtNOy9lVtSYMtdSlPiyWqlSvkDDfggvY+Nkin2klNNIOYwRw=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
server: AmazonS3
etag: "4ce4029f67fada490ceb52fc268e0d78"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 26V94M6ZB2A1EH5M
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1

GET
H2 200 shared-99bc0d38b9c35235d8312653d40e9a86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 12C5 178 KB
45 KB 8ms
7ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2d4423af5476abe0df44ba730a448f21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e351347260b1e39af4b02e32e6b7048c03ead0b692028f0b3cc247db2032cae

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-2d4423af5476abe0df44ba730a448f21.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 231
via: 1.1 varnish
x-cache: HIT
content-length: 45626
x-amz-id-2: tZ+uCZWRh63k19hMtZJUd5C/o/DhIA3DBPFP/rUEiTaazPOB0AqXl8WKUn5A5d3pvvYGP+6bS7I=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:22 GMT
server: AmazonS3
etag: "c9dbb5bb7dfda2f33137e1dbb9a24d6c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 24CXWY342JF9QJK4
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 14

GET
H2 200 payment-request-inner-browser-2da2110e7dcacd9591908947d163d0fb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 12C5 11 KB
4 KB 10ms
9ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-2da2110e7dcacd9591908947d163d0fb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2d4423af5476abe0df44ba730a448f21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e590b183041f83e69002df431249c4a1d4aaaaab515106170719328365d81be

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-2d4423af5476abe0df44ba730a448f21.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 288
via: 1.1 varnish
x-cache: HIT
content-length: 4052
x-amz-id-2: YXYVmlgOwAgQFlw6PDqH0j6K9agu5BWnFp1x07/xLoicdUq5HoMfgavhEG51AToBalTx04Hj/qQ=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:45 GMT
server: AmazonS3
etag: "d6a8bed77e572e796e5d63e186b17d44"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GHP74E9YTVB3CMXW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 3

GET
H3 200 521982118334171 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 161ms
123ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/521982118334171?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

c22cb3eb2d0c10211753b2800bc15a7348ba6c4404c9b6cb63514fb907243e28

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: eojYulCZD2dTZ19hMEB0pREuLnxMJPrO3HDNpnx5P9/HKaNxrXI9vbOd+YCLcyJ+nuRv7xZmau581EPvBXOD2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Sep 2021 03:12:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 result Show response
donate.heritageaction.com/cdn-cgi/bm/cv/ 0
540 B 22ms
22ms XHR
text/plain 104.20.4.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/cdn-cgi/bm/cv/result?req_id=68de32231c532784

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/cdn-cgi/bm/cv/669835187/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.4.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://donate.heritageaction.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __cf_bm=r6s0dn6Ja_AT1R_kw91_7sv3pZTMMU4zKvZ4pODB_nM-1631502766-0-AfTeR24aK7k6P+cHEIfyDODho/TgGm2mm8Id63FDiGsTKMr07FUE0mCaUKSXlJoCLLZfOzoZ+qHnXGi0hiPGlRD9qyQ07m1NxZfNj+5V/NaF; _revv_v3_session=eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba; origin_url=https://donate.heritageaction.com/donate; _ga=GA1.2.1544108741.1631502767; _gid=GA1.2.1887336322.1631502767; _gat=1; _gcl_au=1.1.630216837.1631502767
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=68de32231c532784
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: donate.heritageaction.com
referer: https://donate.heritageaction.com/donate
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://donate.heritageaction.com/donate
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
set-cookie: __cf_bm=bAYVqIgIIAv6Su.Fyz9QPct4WRt6fS7cT4qblB680uQ-1631502767-0-ATQMWMyT62TNAoS01zjM1xz5mKvn+5IF70LhSTDk4JWWgesZK+ispnqkwCbkuvQwi65V8kPPh9sK0ULWT9jM2v6GRe9/q298M+H7btWoTReVQ4cznKItwruzkvkddPgWlPdFwmp4T/IhgEujFFFUUkM0fkkFtRyn2DLgjBEQ5C4t7+m0VufOuWjzt4uNdwDEnA==; path=/; expires=Mon, 13-Sep-21 03:42:47 GMT; domain=.donate.heritageaction.com; HttpOnly; Secure; SameSite=None
cf-ray: 68de32282821411a-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 07B1 932 B
1 KB 67ms
15ms Document
text/html 13.225.25.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.25.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-25-14.cdg3.r.cloudfront.net

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Mon, 13 Sep 2021 03:10:24 GMT
cache-control: public, max-age=300
etag: W/"6114649b-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 81df7b82147a3b8250950ccfe02b7433.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: kcBgdhCc7fsc5_g-BsJEoQR2Ue5S4zsUGgWxT5Q94BHI8meUoc51JQ==
age: 143

POST
H2 200 0 Show response
r.stripe.com/ Frame D4CA 0
213 B 520ms
172ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
467 B 46ms
14ms XHR
text/plain 142.251.5.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-73658561-7&cid=1544108741.1631502767&jid=994396065&gjid=1227667010&_gid=1887336322.1631502767&_u=aGDAgEALAAAAAG~&z=1634748197

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Sep 2021 03:12:47 GMT
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 22ms
22ms XHR
text/plain 64.233.184.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=276060280&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&ul=en-us&de=UTF-8&dt=Donate%20Today!%20%7C%20Heritage%20Action%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALBAAAAG~&jid=1046698492&gjid=1534975532&cid=1544108741.1631502767&tid=UA-39780635-166&_gid=1887336322.1631502767&_r=1&gtm=2wg910N9BTZ95&z=2080151601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.184.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 64.233.184.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=276060280&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&ul=en-us&de=UTF-8&dt=Donate%20Today!%20%7C%20Heritage%20Action%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALAAAAAC~&jid=994396065&gjid=1227667010&cid=1544108741.1631502767&tid=UA-73658561-7&_gid=1887336322.1631502767&gtm=2wg910NTQZ9N&z=1248090554

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.184.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 12:04:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54473
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 8832 0
213 B 506ms
173ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H2 200 countryRanges-36a38cc99b98672cc2e02d3b86e70bb8.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 8AA6 142 KB
36 KB 7ms
6ms XHR
application/json 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/countryRanges-36a38cc99b98672cc2e02d3b86e70bb8.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

67adba40b81eecd8636d38a0eda3843446f074d861494fdfe13021ad4a122c3c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-d9aba575b8286a0708f263b69334fba8.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 205
via: 1.1 varnish
x-cache: HIT
content-length: 36383
x-amz-id-2: 2BfZn/ah1Qz3mxAnuiMgKUZil/P01+NbykCuACwzWRxydSFRVL19EM5FDLeZXPWib6K2HwKdhFM=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 16 Jul 2021 20:26:11 GMT
server: AmazonS3
etag: "36a38cc99b98672cc2e02d3b86e70bb8"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 6FVS6VFJ7DKMV4JH
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/json
x-cache-hits: 1

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 82ms
29ms Image
image/gif 74.125.133.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-73658561-7&cid=1544108741.1631502767&jid=994396065&_u=aGDAgEALAAAAAG~&z=1932196396

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
286 B 500ms
162ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1631502767479&event_id=d5a4dbc7-d49c-4501-bf80-0871fc4c0b3d&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
285 B 500ms
163ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.elements&event_count=3&timestamp=1631502767480&event_id=c9278046-4427-43f4-8c64-f9a336580588&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600&options-locale=en

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
285 B 500ms
163ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=4&timestamp=1631502767480&event_id=993dad0b-8ae7-4bed-b7b2-b1ae05b94276&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
285 B 500ms
163ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=5&timestamp=1631502767481&event_id=0abef9b1-6ff4-4eeb-bca2-02833b990041&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=34&dom_interactive=190&dom_complete=190&since_sjs_load=300&since_stripe_create=194&since_create=194&mount_duration=192&since_fetch=188&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=45926&resource_timings-shared.js-duration=9&resource_timings-controller.js-transfer_size=43801&resource_timings-controller.js-duration=13

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 499ms
164ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1631502767482&event_id=2ec66598-ced4-4efd-90e9-0a2bf9646f1e&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 499ms
164ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.options&event_count=3&timestamp=1631502767483&event_id=8a5b2e66-d2b3-4cfc-8b0d-569589c65a34&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&options-country=US&options-currency=usd&options-requestPayerEmail=true&options-requestPayerName=true&options-requestPayerPhone=true&usesButtonElement=false

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 499ms
164ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.query_strategy&event_count=4&timestamp=1631502767483&event_id=03aa8e3c-1734-4c78-9584-1edcfb8a86a6&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&queryStrategy=GOOGLE_PAY+BROWSER&usesButtonElement=false

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 660ms
326ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=5&timestamp=1631502767483&event_id=72f9c877-9d4c-4213-9cb5-573ac7af5b46&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 661ms
326ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=6&timestamp=1631502767484&event_id=f226e629-408f-46d2-8f9b-25d37913e637&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 660ms
326ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.elements&event_count=7&timestamp=1631502767484&event_id=29732815-a93a-4738-a55c-73fb4d95499d&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 212ms
211ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=8&timestamp=1631502767484&event_id=f43f73f9-c144-40f1-9989-8156abb7f76c&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 212ms
211ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment&event_count=9&timestamp=1631502767485&event_id=a43750d7-ecbf-4ecd-8832-7790ca8f83c9&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&usesButtonElement=true

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 212ms
211ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=10&timestamp=1631502767485&event_id=d1ba4ae5-f8ee-44de-a4a6-51eab7b57eeb&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=18&dom_interactive=182&dom_complete=182&since_sjs_load=316&since_stripe_create=183&since_create=183&mount_duration=182&since_fetch=181&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=45926&resource_timings-shared.js-duration=19&resource_timings-controller.js-transfer_size=43801&resource_timings-controller.js-duration=19

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 213ms
212ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.cross_frame_access&event_count=11&timestamp=1631502767487&event_id=27dfe9cd-e658-43a4-a54b-77955aeec66d&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&available=true

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
285 B 657ms
327ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.cross_frame_access&event_count=6&timestamp=1631502767488&event_id=addf2c7a-d5ab-427f-b401-75770b049b5b&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600&available=true

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696485407/ 2 KB
2 KB 80ms
30ms Script
text/javascript 74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696485407/?random=1631502767492&cv=9&fst=1631502767492&num=1&label=YMHNCIb2v7MBEJ-MjswC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg910&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&tiba=Donate%20Today!%20%7C%20Heritage%20Action%20for%20America&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f157.1e100.net

Software

cafe /

Resource Hash

98d6afd4f3f8d1c5833e35324946f328d919c0a6d928401416ea5561eee6bcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
285 B 648ms
327ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=7&timestamp=1631502767496&event_id=30c3d7ed-6a26-4933-b39d-7d118c1e09fb&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D+%5Bobject+Object%5D&options-style-invalid-type=blocks&options-style-invalid-blocks=%5Bobject+Object%5D+%5Bobject+Object%5D&options-locale=en&options-betas=&options-componentName=card&options-wait=false&options-rtl=false&element=card

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D4CA 0
214 B 436ms
172ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
285 B 211ms
210ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=9&timestamp=1631502767499&event_id=7f8a8709-c782-4af0-8e3a-6f9586ed7702&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=33&dom_interactive=241&dom_complete=247&since_sjs_load=340&since_stripe_create=227&since_group_create=227&since_create=227&mount_duration=224&since_fetch=224&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=3063&resource_timings-ui-shared.css-duration=12&resource_timings-shared.js-transfer_size=45926&resource_timings-shared.js-duration=15&resource_timings-ui-shared.js-transfer_size=64309&resource_timings-ui-shared.js-duration=18&resource_timings-elements-inner-card.js-transfer_size=11724&resource_timings-elements-inner-card.js-duration=16&element=card

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
285 B 212ms
211ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=10&timestamp=1631502767517&event_id=a83e858d-ad26-41ba-850c-54bd31957d9d&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600&element=card

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 07B1 85 KB
19 KB 20ms
19ms Script
application/x-javascript 13.225.25.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.25.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-25-14.cdg3.r.cloudfront.net

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
x-amz-cf-pop: CDG3-C2
etag: W/"6114649b-154bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
via: 1.1 81df7b82147a3b8250950ccfe02b7433.cloudfront.net (CloudFront)
cache-control: public, max-age=300
date: Mon, 13 Sep 2021 03:12:47 GMT
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
timing-allow-origin: *
x-amz-cf-id: 7ps9tPTVCjK_-OMq6rIPzo5-TCdWTMTnAuJvEMTQr2AysmmTVPhvvQ==

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 5048 17 KB
7 KB 103ms
74ms Document
text/html 142.250.102.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f92.1e100.net

Software

ESF /

Resource Hash

0f84107555307e0d51df3e30c5e548d60893e57aecb9237bb72b27202cddf0ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-o3AClCC3jUvnum8EWGt8SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-o3AClCC3jUvnum8EWGt8SQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
cookie: NID=223=xlnlK6kVwL28MNIXYX5dwUWR4QAuwWc39uVomhgh9skn3dz-JmmhERjTdWB1gbalQZ_2GgvbTfcxEDTWFllmmIlO3pJKz7D3VhMwDqdVNtuKLtwr7nug9h7ap6QrQ8g1ypnac8T5N1JzucdACWwFEUe0jJfSIgn1KUJ4vcyMBzU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Mon, 13 Sep 2021 03:12:47 GMT
date: Mon, 13 Sep 2021 03:12:47 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-o3AClCC3jUvnum8EWGt8SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-o3AClCC3jUvnum8EWGt8SQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 165ms
88ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=521982118334171&ev=PageView&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&rl=&if=false&ts=1631502767660&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631502767659.1042354204&it=1631502767358&coo=false&rqm=GET

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 13 Sep 2021 03:12:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 111ms
35ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=521982118334171&ev=CompleteRegistration&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&rl=&if=false&ts=1631502767663&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631502767659.1042354204&it=1631502767358&coo=false&rqm=GET

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 13 Sep 2021 03:12:47 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 07B1 156 B
518 B 507ms
168ms XHR
text/plain 34.215.192.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.192.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-192-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5c17a397b3dc2cd54e14c0cb1c49b4b8cca1ebbf9c53841566ce8ad2799b2da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H3 200 /
www.google.com/pagead/1p-user-list/696485407/ 42 B
64 B 79ms
36ms Image
image/gif 74.125.133.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696485407/?random=1631502767492&cv=9&fst=1631502000000&num=1&label=YMHNCIb2v7MBEJ-MjswC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg910&sendb=1&frm=0&url=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&tiba=Donate%20Today!%20%7C%20Heritage%20Action%20for%20America&async=1&fmt=3&is_vtc=1&random=1847715776&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5048 2 KB
2 KB 14ms
13ms Other
text/html 142.250.102.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.102.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: rb-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Sep 2021 03:12:47 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZz... Frame 5048 146 KB
52 KB 48ms
14ms Script
text/javascript 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

f4a2e6df0542ecc03ada3b84464679ec0e5f32179b8f405db7e58efe37589703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 19:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52221
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 03:24:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 10 Sep 2022 19:40:14 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvo... Frame 5048 36 KB
13 KB 28ms
14ms Script
text/javascript 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvod1TEPR3g.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgNFwZ1AYKinGHMiEBpmCLDxMaeCA/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

b33042d54518467ee6d803b809e388c9570895d03926c7e50c7fa8c932608961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 19:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13275
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:32:14 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 19:41:05 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvo... Frame 5048 72 KB
26 KB 27ms
18ms Script
text/javascript 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvod1TEPR3g.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgNFwZ1AYKinGHMiEBpmCLDxMaeCA/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

01334f93dc2f64c794207b86631a5d90a5dfb3e5d73f8a1d32186579311b6d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 19:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26874
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:32:14 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 19:40:30 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5048 48 KB
19 KB 22ms
22ms Script
text/javascript 64.233.184.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvod1TEPR3g.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgNFwZ1AYKinGHMiEBpmCLDxMaeCA/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.184.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1968
date: Mon, 13 Sep 2021 02:39:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 13 Sep 2021 04:39:59 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 5048 1 MB
343 KB 70ms
69ms XHR
text/html 142.250.102.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f92.1e100.net

Software

ESF /

Resource Hash

945b0e9a1e6aeeba916af64f2e60e222459aa11f8941c359143f1cb147cd4bbe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-irT9/gGSly5ySnYwQCnlKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-irT9/gGSly5ySnYwQCnlKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Mon, 13 Sep 2021 03:12:47 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-irT9/gGSly5ySnYwQCnlKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-irT9/gGSly5ySnYwQCnlKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Mon, 13 Sep 2021 03:12:47 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5048 131 B
152 B 65ms
39ms XHR
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 69ms
16ms Preflight
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 13 Sep 2021 03:12:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ Frame 5048 131 B
152 B 67ms
38ms XHR
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 63ms
16ms Preflight
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 13 Sep 2021 03:12:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ Frame 5048 131 B
152 B 66ms
39ms XHR
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
16ms Preflight
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 13 Sep 2021 03:12:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ Frame 5048 131 B
152 B 66ms
40ms XHR
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 53ms
17ms Preflight
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 13 Sep 2021 03:12:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 log Show response
play.google.com/ Frame 5048 131 B
152 B 64ms
38ms XHR
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 49ms
17ms Preflight
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 13 Sep 2021 03:12:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
q.stripe.com/ Frame D4CA 43 B
285 B 184ms
184ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=11&timestamp=1631502767962&event_id=e48ea303-81dc-49ac-96d0-d6bbdb33b2de&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600&element=outer&dom_loading=215&dom_interactive=637&dom_complete=1368&since_fetch=547&load_count=1&load_before_dom_content_loaded=true&load_ready_state=loading&first_create_ready_state=interactive&first_mount_readyState=interactive&until_first_create=106&until_first_mount=108&until_first_load=359&resource_timings-stripe.js-transfer_size=61820&resource_timings-stripe.js-duration=295&resource_timings-m-outer.html-transfer_size=430&resource_timings-m-outer.html-duration=7&resource_timings-controller.html-transfer_size=456&resource_timings-controller.html-duration=7&resource_timings-elements-inner-card.html-transfer_size=1434&resource_timings-elements-inner-card.html-duration=7&resource_timings-payment-request-inner-google-pay.html-transfer_size=486&resource_timings-payment-request-inner-google-pay.html-duration=7&resource_timings-payment-request-inner-browser.html-transfer_size=466&resource_timings-payment-request-inner-browser.html-duration=9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H3 200 m=Wt6vjf,_latency,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvo... Frame 5048 17 KB
7 KB 14ms
13ms Script
text/javascript 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvod1TEPR3g.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgNFwZ1AYKinGHMiEBpmCLDxMaeCA/m=Wt6vjf,_latency,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

b269412b51020a8a389f34f1a4af2139e5a0ff45e529c94531777f7b60de2f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 19:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7320
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:32:14 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 19:41:06 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvo... Frame 5048 8 KB
3 KB 17ms
16ms Script
text/javascript 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvod1TEPR3g.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgNFwZ1AYKinGHMiEBpmCLDxMaeCA/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

0fbdc3228822feabe9c97c30d9f5ca6456e84f22588bb112bba262eabbea914e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:32:14 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 07:21:50 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5048 131 B
152 B 65ms
39ms XHR
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
17ms Preflight
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 13 Sep 2021 03:12:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 173ms
172ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.activity_mode&event_count=12&timestamp=1631502767974&event_id=7455f7c1-a12a-4988-b4cd-82236affd6a7&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&activityModeName=POPUP&activityMode=2&backingLibrary=GOOGLE_PAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 173ms
172ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.can_make_payment_native_response&event_count=13&timestamp=1631502767974&event_id=7e775335-a86b-4908-a2c4-daa703bff75e&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&available=false&backingLibrary=GOOGLE_PAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 172ms
172ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.pr.browser.can_make_payment_rate_limited&event_count=14&timestamp=1631502767976&event_id=46e6d596-66d1-4627-8c98-122ad4f0b009&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&error-stack=Error%3A+Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fpayment-request-inner-browser-2da2110e7dcacd%3Csanitized%3Ed163d0fb.js%3A1%3A10013%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-99bc0d38b9c35235d%3Csanitized%3Ed40e9a86.js%3A1%3A74689%0A++++at+Array.forEach+(%3Canonymous%3E)%0A++++at+t._emit+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-99bc0d38b9c35235d%3Csanitized%3Ed40e9a86.js%3A1%3A74666)%0A++++at+e.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-99bc0d38b9c35235d%3Csanitized%3Ed40e9a86.js%3A1%3A53727)%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-99bc0d38b9c35235d%3Csanitized%3Ed40e9a86.js%3A1%3A81558%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-99bc0d38b9c35235d%3Csanitized%3Ed40e9a86.js%3A1%3A77043%0A++++at+new+Promise+(%3Canonymous%3E)%0A++++at+t.n._respondUsingPromise+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-99bc0d38b9c35235d%3Csanitized%3Ed40e9a86.js%3A1%3A77015)%0A++++at+t.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-99bc0d38b9c35235d%3Csanitized%3Ed40e9a86.js%3A1%3A81482)&backingLibrary=BROWSER

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 172ms
172ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.payreq.can_make_payment_rate_limited&event_count=15&timestamp=1631502767976&event_id=8583b864-6c5d-4b70-a007-a64765199a11&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&message=Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request&impl=prapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html Show response
js.stripe.com/v3/ Frame 10A0 8 KB
2 KB 8ms
8ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c59772f24599a030e66e1166111017bd81d634bac10e95bc4176dd0ed0e42c02

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.heritageaction.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/

Response headers

x-amz-id-2: vQ4MOWzAm+VIM3qx+XMoC3hMMid3W/0wWwi5RB4yb6PQdV/PULLAyiwWqGO7KEYkoZEYiYzG/Sc=
x-amz-request-id: 45ZY8KJ97PE8BW51
last-modified: Fri, 10 Sep 2021 18:45:21 GMT
etag: "24fb1d5ebdd7887d32aa30e543bf5a4d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 13 Sep 2021 03:12:47 GMT
via: 1.1 varnish
age: 226
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1750

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 165ms
164ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment_response&event_count=16&timestamp=1631502767983&event_id=461b2ca9-9734-4a84-b866-0f6e32d5cdfc&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&response-applePay=false&response-googlePay=false&cached=false&duration=727&activeBackingLibrary=BROWSER&usesButtonElement=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 log Show response
play.google.com/ Frame 5048 131 B
540 B 87ms
40ms XHR
text/plain 142.251.5.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.K7imDptRsGw.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrizZzZVRWBmEPENcZ7wdhWuH_M71A/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f102.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame 10A0 17 KB
3 KB 7ms
6ms Stylesheet
text/css 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 50
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: o1v561uZr2k51Vvu7BQPU+pN6Ug8JKmKuTVkbHjQzR9mLCAUXrDAzE5VG9/99tywXGFMFJIKuTU=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: NSW4TCPK5RD69VSA
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 3

GET
H2 200 shared-99bc0d38b9c35235d8312653d40e9a86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 10A0 178 KB
45 KB 7ms
6ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e351347260b1e39af4b02e32e6b7048c03ead0b692028f0b3cc247db2032cae

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 232
via: 1.1 varnish
x-cache: HIT
content-length: 45626
x-amz-id-2: tZ+uCZWRh63k19hMtZJUd5C/o/DhIA3DBPFP/rUEiTaazPOB0AqXl8WKUn5A5d3pvvYGP+6bS7I=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:22 GMT
server: AmazonS3
etag: "c9dbb5bb7dfda2f33137e1dbb9a24d6c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 24CXWY342JF9QJK4
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 15

GET
H2 200 ui-shared-50d8eb5ba58d8c080f23c2a1914e4e34.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 10A0 218 KB
63 KB 9ms
9ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-50d8eb5ba58d8c080f23c2a1914e4e34.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7ed76d5c5b5fe75d167de2d539bdd5f876a64689d9cd8233bd0dfa811fb7f55

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 262
via: 1.1 varnish
x-cache: HIT
content-length: 64009
x-amz-id-2: PqOsG7A1ZYn7kOuH/r+QoCCS5tMnJ9wJqDdVk96rihhnHaXSekPAgHXZr+4HBOz8aAJudAh0kkM=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:23 GMT
server: AmazonS3
etag: "be85fa3fcea3620b6727a81338a4dbd3"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: NV9TYBPHCKWJ73MB
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 7

GET
H2 200 elements-inner-payment-request-2793b2033e7ec42db09bc8bb47558c6b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 10A0 35 KB
11 KB 10ms
10ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-2793b2033e7ec42db09bc8bb47558c6b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

921d53a1e26789bfb9e3719884fad804a9680202c3675c244bc8fc0e6fc1ae64

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-24fb1d5ebdd7887d32aa30e543bf5a4d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 225
via: 1.1 varnish
x-cache: HIT
content-length: 10707
x-amz-id-2: 6N2tTulLcwoM2R2MmB4XJxppPkmMx6aaylvTgA/VyeHEsQz3mTYXcsYr3gsTyrbTqAimDwGJvss=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Wed, 08 Sep 2021 17:49:27 GMT
server: AmazonS3
etag: "56980ff02a3a8cb66be3b30d651a42ce"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: DDG5E2FN2KVNBW4R
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 22ms
22ms XHR
text/plain 64.233.184.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=276060280&t=event&ni=0&_s=1&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&ul=en-us&de=UTF-8&dt=Donate%20Today!%20%7C%20Heritage%20Action%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=button%20loaded&ea=undefined&el=apple%20pay%20button%20loaded&_u=aGDACEALBAAAAG~&jid=435152041&gjid=501043060&cid=1544108741.1631502767&tid=UA-73658561-7&_gid=1887336322.1631502767&_r=1&gtm=2wg910NTQZ9N&cd41=anonymous&cd58=f&z=174376136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.184.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 49ms
23ms XHR
text/plain 142.251.5.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-73658561-7&cid=1544108741.1631502767&jid=435152041&gjid=501043060&_gid=1887336322.1631502767&_u=aGDACEALBAAAAG~&z=936315496

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Sep 2021 03:12:48 GMT
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 163ms
162ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=17&timestamp=1631502768065&event_id=e37611e8-ca6a-4375-b607-500f3ef15d20&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&options-style-paymentRequestButton-type=paymentRequestButton&options-style-paymentRequestButton-buttonTheme=dark&options-style-paymentRequestButton-buttonType=donate&options-style-paymentRequestButton-height-value=52px&options-betas=&options-componentName=paymentRequestButton&options-wait=false&options-rtl=false&element=paymentRequestButton

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8832 0
213 B 170ms
170ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-99bc0d38b9c35235d8312653d40e9a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 165ms
162ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=19&timestamp=1631502768074&event_id=534a5234-f3b6-45b7-93c1-663d5b45e821&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=17&dom_interactive=72&dom_complete=74&since_sjs_load=937&since_stripe_create=800&since_group_create=800&since_create=800&mount_duration=71&since_fetch=71&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=3063&resource_timings-ui-shared.css-duration=7&resource_timings-shared.js-transfer_size=45926&resource_timings-shared.js-duration=12&resource_timings-ui-shared.js-transfer_size=64309&resource_timings-ui-shared.js-duration=14&resource_timings-elements-inner-payment-request.js-transfer_size=11007&resource_timings-elements-inner-payment-request.js-duration=13&element=paymentRequestButton

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8832 43 B
285 B 163ms
162ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=20&timestamp=1631502768075&event_id=45d72c7b-b344-4c0b-af87-c4e66d970c7c&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767427&wrapper=unknown&es_module=false&frame_width=1600&element=paymentRequestButton

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
29ms Image
image/gif 74.125.133.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-73658561-7&cid=1544108741.1631502767&jid=435152041&_u=aGDACEALBAAAAG~&z=621756190

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 72ms
35ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=521982118334171&ev=Microdata&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fdonate&rl=&if=false&ts=1631502768162&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20Today!%20%7C%20Heritage%20Action%20for%20America%22%2C%22meta%3Adescription%22%3A%22Heritage%20Action%20for%20America%20needs%20your%20help%20to%20advance%20the%20conservative%20agenda%20and%20fight%20back%20against%20the%20Washington%20Establishment.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Donate%20Today!%20%7C%20Heritage%20Action%20for%20America%22%2C%22og%3Adescription%22%3A%22Heritage%20Action%20for%20America%20needs%20your%20help%20to%20advance%20the%20conservative%20agenda%20and%20fight%20back%20against%20the%20Washington%20Establishment.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdonate.heritageaction.com%2Fdonate%22%2C%22og%3Asite_name%22%3A%22Heritage%20Action%20for%20America%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fdonate.heritageaction.com%2Fdonate%22%2C%22twitter%3Atitle%22%3A%22Donate%20Today!%20%7C%20Heritage%20Action%20for%20America%22%2C%22twitter%3Adescription%22%3A%22Heritage%20Action%20for%20America%20needs%20your%20help%20to%20advance%20the%20conservative%20agenda%20and%20fight%20back%20against%20the%20Washington%20Establishment.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd35ligi1n5bgzc.cloudfront.net%2Fog_images%2Fimages%2F000%2F015%2F277%2Fopen_graph%2FHAFA_seo-images_support_v2.png%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fd35ligi1n5bgzc.cloudfront.net%2Ftwitter_images%2Fimages%2F000%2F015%2F278%2Fopen_graph%2FHAFA_seo-images_support_v2.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1631502767659.1042354204&it=1631502767358&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 13 Sep 2021 03:12:48 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/ 86 KB
31 KB 29ms
15ms Script
text/javascript 142.251.5.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f95.1e100.net

Software

sffe /

Resource Hash

73d039528c2cdfbd9e836c5f23c999f801caf8746cd8c5789bfec09c697b9c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 18:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32054
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 21:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 18:47:16 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/ 288 KB
88 KB 33ms
19ms Script
text/javascript 142.251.5.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f95.1e100.net

Software

sffe /

Resource Hash

134376d0d2e8e3b8333cf504dd9cab6d72bf56387d0230e5ba0d29898961f029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 18:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90354
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 21:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 18:47:16 GMT

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 233 B
215 B 36ms
36ms Script
text/javascript 142.251.5.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fdonate.heritageaction.com%2Fdonate&4sAIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&callback=_xdc_._27stsr&key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&token=66100

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f95.1e100.net

Software

mafe /

Resource Hash

9aa4eef1399bc2236d5da0e06dd71afce541028bb2a17a65c38040259417c9f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 03:12:52 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trusted-types-checker-f788ce808ee686c4eadc2a0f1e7e92d7.js Show response
js.stripe.com/v3/fingerprinted/js/ 172 B
625 B 6ms
6ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-f788ce808ee686c4eadc2a0f1e7e92d7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed587afd8d52f84b61075b7ae0703f9be962115c9344d23b76d1230504616222

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 03:12:52 GMT
content-encoding: br
vary: Accept-Encoding
age: 59
via: 1.1 varnish
x-cache: HIT
content-length: 118
x-amz-id-2: dE0w8e2yXk0XrMAwpUrvsHJrhtLi62+xh+PGkXJuru2aiYANJq8Gr5yugos84lLtrwHv5mceP/g=
x-served-by: cache-hhn4036-HHN
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 18:45:23 GMT
server: AmazonS3
etag: "5795cb3136c9c2a0ace8570cfc7349ae"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: V80DHAHAXC63K0X8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 4

GET /
q.stripe.com/ Frame D4CA 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.revv.co
URL: https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_JQ28V5gcHvdmN4emYjiF8vGQ&redirect=https://donate.heritageaction.com/donate

Domain: q.stripe.com
URL: https://q.stripe.com/?event=elements.trusted_types_check&event_count=12&timestamp=1631502772944&event_id=e4500612-93a3-4b35-9efa-a16bf341c837&os=Windows&browserFamily=Chrome&version=cf1baae8a&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fdonate.heritageaction.com&stripe_js_id=5b3df732-bd7f-40f9-b45e-7746ec4d7432&controller_load_time=1631502767411&wrapper=unknown&es_module=false&frame_width=1600&result=ALLOWED

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heritageaction.com/	1969-12-31 23:59:59	Name: _revv_v3_session Value: eGhHZ1FGNTd5aDRJVW9Vd2VXRzVhTXVWRU1MQUFORUtUYW40RkZuRzdXdXNmRkwvcGptTkFiUzNuSzRFdzh2QU1QNVA5aWtIazBWZGU1MlRNSW5rZnNNSkJHRmRzeXMxN0tSZ2hEbHFRR1pGT3NuUmFrL1psWmRXWFkrREtBUitJRFJuK3E3cjhoVWtJWWVrZzVacVJsWXBDRE5xL2VtN0tua2k1YVNlTmkxdCtvYVVyRVc3M2FILzU0M0ZKRHI1UitvckNvME53c1RRS3JQZGRMUTZma09ZVUFlRjFENkg1Z3VIWlJoMXo3MHNTbzVSTjB1bTB6N2R1cVhWdDh0SG04cnlDd29ySzBwblBpTGtKUENkUUg0MjZZYnpHK3Q3TlBBVEJ2Y0ZPK211dmkzQWp2RCtCSVFUNEE2T2VJVVowVGkrditDaHFlOVBETzJuTDJzWlBua200QzhzOFMyVzFrV2szVUgzUjhjPS0tdnFYSzVXSnU2SEtRUkM3blhWakVYQT09--bb06fcd43698b0ddb5912be00b3c46f039b920ba
donate.heritageaction.com/	1969-12-31 23:59:59	Name: origin_url Value: https://donate.heritageaction.com/donate
.heritageaction.com/	1970-01-20 14:42:54	Name: _ga Value: GA1.2.1544108741.1631502767
.heritageaction.com/	1970-01-19 21:13:09	Name: _gid Value: GA1.2.1887336322.1631502767
.heritageaction.com/	1970-01-19 21:11:42	Name: _gat Value: 1
.revv.co/	1970-01-19 21:11:44	Name: __cf_bm Value: do2irVbon3MqFDhIn0HiZu4BlBcxaDLbCez7H42qI1A-1631502767-0-ARbTv+LH1aqJfoYFkIVFzfxuPOozHDuu5hDntgJy5VSH53ftwVw9iVhAAafzM6yOoJmcApq9+AVoCNNIbG0RkV6PyFgwSH50znPvs2U17hLo
.heritageaction.com/	1970-01-19 23:21:18	Name: _gcl_au Value: 1.1.630216837.1631502767
.donate.heritageaction.com/	1970-01-19 21:11:44	Name: __cf_bm Value: bAYVqIgIIAv6Su.Fyz9QPct4WRt6fS7cT4qblB680uQ-1631502767-0-ATQMWMyT62TNAoS01zjM1xz5mKvn+5IF70LhSTDk4JWWgesZK+ispnqkwCbkuvQwi65V8kPPh9sK0ULWT9jM2v6GRe9/q298M+H7btWoTReVQ4cznKItwruzkvkddPgWlPdFwmp4T/IhgEujFFFUUkM0fkkFtRyn2DLgjBEQ5C4t7+m0VufOuWjzt4uNdwDEnA==
.heritageaction.com/	1970-01-19 21:11:42	Name: _dc_gtm_UA-73658561-7 Value: 1
.heritageaction.com/	1970-01-19 21:11:42	Name: _gat_UA-39780635-166 Value: 1
.google.com/	1970-01-20 01:35:13	Name: NID Value: 223=xlnlK6kVwL28MNIXYX5dwUWR4QAuwWc39uVomhgh9skn3dz-JmmhERjTdWB1gbalQZ_2GgvbTfcxEDTWFllmmIlO3pJKz7D3VhMwDqdVNtuKLtwr7nug9h7ap6QrQ8g1ypnac8T5N1JzucdACWwFEUe0jJfSIgn1KUJ4vcyMBzU
.doubleclick.net/	1970-01-19 21:11:43	Name: test_cookie Value: CheckForPermission
.heritageaction.com/	1970-01-19 23:21:18	Name: _fbp Value: fb.1.1631502767659.1042354204
.heritageaction.com/	1970-01-19 21:11:42	Name: _gat_UA-73658561-7 Value: 1
m.stripe.com/	1970-01-20 14:42:54	Name: m Value: 808fcd8b-19a1-4c0e-9139-7ff17fcaaa2fb0372b
.donate.heritageaction.com/	1970-01-20 05:57:18	Name: __stripe_mid Value: 0298aa0b-f0db-4fa3-8c6b-49cc7bb2176c254531
.donate.heritageaction.com/	1970-01-19 21:11:44	Name: __stripe_sid Value: c30f8215-6d5f-4d03-8428-2a47e5a6191278c610

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://donate.heritageaction.com/donate Message: Access to XMLHttpRequest at 'https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_JQ28V5gcHvdmN4emYjiF8vGQ&redirect=https://donate.heritageaction.com/donate' from origin 'https://donate.heritageaction.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_JQ28V5gcHvdmN4emYjiF8vGQ&redirect=https://donate.heritageaction.com/donate Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.revv.co
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
donate.heritageaction.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
secure.heritageaction.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
app.revv.co
q.stripe.com
104.20.4.67
13.225.25.14
13.225.25.33
142.250.102.92
142.251.5.102
142.251.5.154
142.251.5.95
151.101.112.176
159.203.182.246
185.60.218.24
185.60.218.35
34.215.192.98
54.186.23.98
54.187.119.242
64.233.184.138
64.233.184.155
64.233.184.97
66.102.1.94
74.125.133.104
74.125.71.157
01334f93dc2f64c794207b86631a5d90a5dfb3e5d73f8a1d32186579311b6d10
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f84107555307e0d51df3e30c5e548d60893e57aecb9237bb72b27202cddf0ae
0fbdc3228822feabe9c97c30d9f5ca6456e84f22588bb112bba262eabbea914e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134376d0d2e8e3b8333cf504dd9cab6d72bf56387d0230e5ba0d29898961f029
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
195e613b7249e1908f9f4e94ed8d5944081964c2e9b797b32417629b941f8a91
1b8fa2ec891dbc4865e965c691b3396fbb88f5cc8329d9a92d97b36fbb452097
205145a105df0cfe48c31181c82ec93fbef8907bfa527923a4a10936993b1f3a
29592bdddb13de2e24d6bf9718ab1eca6ab85b99eb0b7062c2b7467ee79a33ea
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
39bdfb7dcb123f54b90fda7938861f05af7360a3f780a333b635e19c30d666c3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e
52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde
5c17a397b3dc2cd54e14c0cb1c49b4b8cca1ebbf9c53841566ce8ad2799b2da4
5e297539166b3c991cc591937a4534a7fa5855d20f148439ad6285fcf55faf33
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
67adba40b81eecd8636d38a0eda3843446f074d861494fdfe13021ad4a122c3c
6a2a9f70565ca97041226a5fc873542ef2315739567d662fe5ce24d796690996
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d039528c2cdfbd9e836c5f23c999f801caf8746cd8c5789bfec09c697b9c40
7e351347260b1e39af4b02e32e6b7048c03ead0b692028f0b3cc247db2032cae
807d570c16663e8b11121736937e3855958062e08336811485c38f1df02b6c1f
80e30d6949eb2ee49bbbe426a526d0b600ef714ed7d484e3db778001f138621f
8227a862b924b10dd6f1937cc73288d73111599d2968728fc762baf159cc3e78
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57
8e590b183041f83e69002df431249c4a1d4aaaaab515106170719328365d81be
9019bbfb65880611d2346193e26d40a607bfafd33218a6b022addbecb3ffa045
921d53a1e26789bfb9e3719884fad804a9680202c3675c244bc8fc0e6fc1ae64
945b0e9a1e6aeeba916af64f2e60e222459aa11f8941c359143f1cb147cd4bbe
98d6afd4f3f8d1c5833e35324946f328d919c0a6d928401416ea5561eee6bcf2
9aa4eef1399bc2236d5da0e06dd71afce541028bb2a17a65c38040259417c9f7
9f01594274fdedce530a41ea1b9b04269063329ec3975d2e8ca8afccb090efd2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a262049f1c0efa0d8c4cf2b19e063c24143873fa748adb85b5186ea90b3f799e
af81c6b5192acd2e8e072bc69dc79f2c09d23f8818d65424cea6cbbe87f29737
b269412b51020a8a389f34f1a4af2139e5a0ff45e529c94531777f7b60de2f0e
b33042d54518467ee6d803b809e388c9570895d03926c7e50c7fa8c932608961
b80585b13b99b3727c0d66498a3c7db62de9a69f210f2aa5b4ca883678a1e2f8
c22cb3eb2d0c10211753b2800bc15a7348ba6c4404c9b6cb63514fb907243e28
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c59772f24599a030e66e1166111017bd81d634bac10e95bc4176dd0ed0e42c02
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7ed76d5c5b5fe75d167de2d539bdd5f876a64689d9cd8233bd0dfa811fb7f55
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
ed587afd8d52f84b61075b7ae0703f9be962115c9344d23b76d1230504616222
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4715520a7bc364472be74ae22f933e50c4e33b6fcc161aa1e6b7c6f434adbb9
f4a2e6df0542ecc03ada3b84464679ec0e5f32179b8f405db7e58efe37589703
fccc32e79e6f530f4cb8c98187d3056b12ba82de80f9dec22385efdf3834b57a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe9a44d87929bf3cd3e9b1ca86d89fe00039068ad84f115eb62f132c37f2a08c
fed28fdcf73fc955a69a8750d2922bfa6852db8462a9f228b2cb3e6fbe109734

donate.heritageaction.com Open in urlscan Pro 104.20.4.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

98 %HTTPS

0 %IPv6

14 Domains

21 Subdomains

20 IPs

4 Countries

2010 kBTransfer

6678 kBSize

17 Cookies

6 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donate.heritageaction.com Open in urlscan Pro
104.20.4.67 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

21
Subdomains

20
IPs

4
Countries

2010 kB
Transfer

6678 kB
Size

17
Cookies

120 HTTP transactions
0 data transactions