give.stanford.edu Open in urlscan Pro
2a05:d014:275:cb01:190c:7f02:2b97:3b21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://makeapledgepayment.stanford.edu/
Effective URL:
https://give.stanford.edu/
Submission: On February 15 via automatic, source certstream-suspicious (February 15th 2023, 8:00:18 am UTC) — Scanned from DE

Summary HTTP 118 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 9 domains to perform 118 HTTP transactions. The main IP is 2a05:d014:275:cb01:190c:7f02:2b97:3b21, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is give.stanford.edu.
TLS certificate: Issued by R3 on December 11th 2022. Valid for: 3 months.

This is the only time give.stanford.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.81.116.232 54.81.116.232	14618 (AMAZON-AES) (AMAZON-AES)
2 22	2a05:d014:275... 2a05:d014:275:cb01:190c:7f02:2b97:3b21	16509 (AMAZON-02) (AMAZON-02)
13	99.86.4.99 99.86.4.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.214.90 52.222.214.90	16509 (AMAZON-02) (AMAZON-02)
33	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:238... 2600:9000:238d:aa00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
13	174.143.96.180 174.143.96.180	33070 (RMH-14) (RMH-14)
1	44.233.72.180 44.233.72.180	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	151.101.128.97 151.101.128.97	54113 (FASTLY) (FASTLY)
4	2a00:1450:401... 2a00:1450:4013:c00::5c	() ()
1	18.202.131.124 18.202.131.124	() ()
4	2a00:1450:400... 2a00:1450:400d:803::2003	() ()
13	2a00:1450:400... 2a00:1450:400d:807::200e	() ()
118	17

1 54.81.116.232 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-116-232.compute-1.amazonaws.com

makeapledgepayment.stanford.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a05:d014:275:cb01:190c:7f02:2b97:3b21 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

give.stanford.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.stanford.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-90.fra56.r.cloudfront.net

www-media.stanford.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:238d:aa00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 174.143.96.180 (United States)

ASN33070 (RMH-14, US)

widgets2.kimbia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.kimbia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.72.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-72-180.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.97 (United States)

ASN54113 (FASTLY, US)

cdn.kimbia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c00::5c (None, )

ASN- ()

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.131.124 (None, )

ASN- ()

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:803::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:807::200e (None, )

ASN- ()

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	stripe.com js.stripe.com — Cisco Umbrella Rank: 1255 q.stripe.com — Cisco Umbrella Rank: 8027 m.stripe.com — Cisco Umbrella Rank: 1235 merchant-ui-api.stripe.com r.stripe.com	471 KB
24	stanford.edu 3 redirects makeapledgepayment.stanford.edu give.stanford.edu assets.stanford.edu www-media.stanford.edu — Cisco Umbrella Rank: 197124	585 KB
17	google.com pay.google.com play.google.com	405 KB
16	kimbia.com widgets2.kimbia.com cdn.kimbia.com api.kimbia.com	797 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	162 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 41 region1.google-analytics.com — Cisco Umbrella Rank: 2213	20 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1317	16 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	145 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
118	9

	Domain	Requested by
25	r.stripe.com	js.stripe.com
21	give.stanford.edu	2 redirects give.stanford.edu
13	play.google.com	www.gstatic.com
13	js.stripe.com	give.stanford.edu js.stripe.com
8	api.kimbia.com	widgets2.kimbia.com
8	q.stripe.com	give.stanford.edu
5	widgets2.kimbia.com	give.stanford.edu widgets2.kimbia.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com give.stanford.edu www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com
3	cdn.kimbia.com	widgets2.kimbia.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.googletagmanager.com	give.stanford.edu www.googletagmanager.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	region1.google-analytics.com	www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	www-media.stanford.edu	give.stanford.edu
1	assets.stanford.edu	give.stanford.edu
1	fonts.googleapis.com	give.stanford.edu
1	makeapledgepayment.stanford.edu	1 redirects
118	21

This site contains links to these domains. Also see Links.

Domain
www.stanford.edu
giving.stanford.edu
givinghistory.stanford.edu
visit.stanford.edu
emergency.stanford.edu
uit.stanford.edu
adminguide.stanford.edu
bulletin.stanford.edu

Subject Issuer	Validity	Valid
buckcardinalclub.stanford.edu R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
asset.stanford.edu R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www-media.stanford.edu InCommon RSA Server CA	`2023-02-06` - `2024-02-06`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.kimbia.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-30` - `2023-09-30`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://give.stanford.edu/
Frame ID: 610C7A92FC62FE8E4303E21F07666621
Requests: 44 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: D3EF481B2797A6D19480EE8D938C7314
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FE7D559D556EC03A6839DD85FC9AE075
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-3eff5ac68e7646ce0669579e4f7c3f39.html
Frame ID: FB5DBF9D44CA4CBF041B75E73C108294
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-c8dde33935562c246e8caf2e3aa82ae8.html
Frame ID: D03E4AE6CBFDC37C63018403BF45BCB2
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-89ceae8ba88760164fb4f36786899cef.html
Frame ID: CA5B966673913426F48871122769BEB3
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 72729E9FD960630213D3AB794C804AA3
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Make a Gift to Stanford | Make a Gift

Page URL History Show full URLs

https://makeapledgepayment.stanford.edu/ HTTP 307
https://give.stanford.edu/ Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

118
Requests

99 %
HTTPS

56 %
IPv6

9
Domains

21
Subdomains

17
IPs

3
Countries

2602 kB
Transfer

6251 kB
Size

8
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.stanford.edu/
Title: Stanford University

Search URL Search Domain Scan URL

URL: https://giving.stanford.edu/how-to-make-a-gift/
Title: Phone or mail (external link)

Search URL Search Domain Scan URL

URL: https://giving.stanford.edu/how-to-make-a-gift/transfers/wire/
Title: Wire transfers (external link)

Search URL Search Domain Scan URL

URL: https://giving.stanford.edu/how-to-make-a-gift/international/
Title: International gifts (external link)

Search URL Search Domain Scan URL

URL: https://giving.stanford.edu/how-to-make-a-gift/transfers/securities/
Title: Stocks and securities (external link)

Search URL Search Domain Scan URL

URL: https://givinghistory.stanford.edu/
Title: Your giving history (external link)

Search URL Search Domain Scan URL

URL: https://giving.stanford.edu/contact/
Title: Contact information (external link)

Search URL Search Domain Scan URL

URL: https://visit.stanford.edu/plan/
Title: Maps & Directions(link is external)

Search URL Search Domain Scan URL

URL: https://www.stanford.edu/search/
Title: Search Stanford(link is external)

Search URL Search Domain Scan URL

URL: https://emergency.stanford.edu/
Title: Emergency Info(link is external)

Search URL Search Domain Scan URL

URL: https://www.stanford.edu/site/terms/
Title: Terms of Use(link is external)

Search URL Search Domain Scan URL

URL: https://www.stanford.edu/site/privacy/
Title: Privacy(link is external)

Search URL Search Domain Scan URL

URL: https://uit.stanford.edu/security/copyright-infringement
Title: Copyright(link is external)

Search URL Search Domain Scan URL

URL: https://adminguide.stanford.edu/chapter-1/subchapter-5/policy-1-5-4
Title: Trademarks(link is external)

Search URL Search Domain Scan URL

URL: https://bulletin.stanford.edu/pages/c7vDgeOuJIfpZe8GKmW3
Title: Non-Discrimination(link is external)

Search URL Search Domain Scan URL

URL: https://www.stanford.edu/site/accessibility
Title: Accessibility(link is external)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://makeapledgepayment.stanford.edu/ HTTP 307
https://give.stanford.edu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://give.stanford.edu/api/auth/session HTTP 302
https://give.stanford.edu/403 HTTP 301
https://give.stanford.edu/403/

118 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.stanford.edu/
Redirect Chain

https://makeapledgepayment.stanford.edu/
https://give.stanford.edu/

71 KB
13 KB

488ms
42ms

Document
text/html

2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ac00e9b5ed5241dedf84c506595cdea83719d22fa23c7e19062b04a71fa6f7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
age: 571230
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 12074
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 17:19:42 GMT
etag: "6dcbc40349c6baba107927bfe94d6dd3-ssl-df"
link: </webpack-runtime-a13a35d599648fca17a6.js>; rel=preload; as=script, </framework-21bcf11f3151ebb2260f.js>; rel=preload; as=script, </app-63b24c2e106f81a9c1e8.js>; rel=preload; as=script, </commons-de0dcb77a3d45b2cd1e4.js>; rel=preload; as=script, </component---src-templates-storyblok-entry-js-a4b32099b7a47659d7dd.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/index/page-data.json>; rel=preload; as=fetch; crossorigin
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
referrer-policy: origin-when-cross-origin
server: Netlify
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GSA1D5TF40FBRPJMCS87WH2D

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Wed, 15 Feb 2023 08:00:11 GMT
Location: https://give.stanford.edu
Server: nginx
custom: Custom A

GET
H2 200 webpack-runtime-a13a35d599648fca17a6.js Show response
give.stanford.edu/ 4 KB
2 KB 123ms
121ms Script
application/javascript 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/webpack-runtime-a13a35d599648fca17a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

cd68c0ed75d83dbc6e83f2646c1c29e8dbeaa0522a8b80cebe65fe187f99d3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5VZ2NMDW6JGK2DY3SWQ
date: Thu, 09 Feb 2023 10:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 510889
content-length: 1802
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "99213ab532681cac35c434478a4c16d8-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 framework-21bcf11f3151ebb2260f.js Show response
give.stanford.edu/ 127 KB
40 KB 123ms
122ms Script
application/javascript 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/framework-21bcf11f3151ebb2260f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

0a1fb6374bdd55b94a440c299d245529f8d9f3488a941ebd47f5f89e7be4b8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5VZF77HW11ZKHRFFNRD
date: Thu, 09 Feb 2023 10:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 510890
content-length: 40758
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "407080dd768909b2a27d7dddfbbad27b-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 app-63b24c2e106f81a9c1e8.js Show response
give.stanford.edu/ 261 KB
75 KB 44ms
42ms Script
application/javascript 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/app-63b24c2e106f81a9c1e8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4b577e5f1857c17519329fd3762a1315a0bdb3e661044c73089bdf8664907340

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5VZXR639V403SXYW7T2
date: Thu, 09 Feb 2023 10:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 510889
content-length: 76864
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "f3d96d49108c3e5bb5679fe114f6ed23-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 commons-de0dcb77a3d45b2cd1e4.js Show response
give.stanford.edu/ 257 KB
50 KB 82ms
81ms Script
application/javascript 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/commons-de0dcb77a3d45b2cd1e4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c1dd7f39f52cc787947daeb8a87fc6bc019a236b1ca6cb46b7bccf00d6c5e5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5VZ8ERG475V5JR4Z2QA
date: Thu, 09 Feb 2023 10:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 510890
content-length: 51503
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "6d14902e94c66f5e74f6cc718c75be3e-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 component---src-templates-storyblok-entry-js-a4b32099b7a47659d7dd.js Show response
give.stanford.edu/ 2 KB
999 B 43ms
42ms Script
application/javascript 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/component---src-templates-storyblok-entry-js-a4b32099b7a47659d7dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

1b08bd48035ed307a77be18b4037f3a991c8a290ec50b7223a18b3f96d626f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5VZFWDB1364XGVKH1D7
date: Thu, 09 Feb 2023 10:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 510889
content-length: 851
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "149a2aba9ec610861999b4b152863cee-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 app-data.json
give.stanford.edu/page-data/ 50 B
186 B 42ms
41ms Other
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/app-data.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ac6873ec9f760429ab635154c818f02d94fe3e6141d34008b29b0231c52b44d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5VZ4YP202NRDYJKYMDF
date: Thu, 09 Feb 2023 10:05:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
age: 510889
content-length: 50
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "329896369b2cef1b5fe105177e1e9772-ssl"
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 page-data.json
give.stanford.edu/page-data/index/ 9 KB
3 KB 152ms
152ms Other
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/index/page-data.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a48938a41e345d82e07b3a9d95e879a5f19d2246607fbb21e6305fefb336e197

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5VZC6ST6WTKM451PQW5
date: Wed, 15 Feb 2023 08:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 0
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "77a5fcaff919cb12a05b059139b8e8fb-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 v3 Show response
js.stripe.com/ 437 KB
105 KB 174ms
46ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e861595fa7024f9db1f207582d5d79149e244e4118e7c71975a6c816e9dd5922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 08:00:01 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 11
x-cache: Hit from cloudfront
last-modified: Tue, 14 Feb 2023 21:54:56 GMT
server: Cloudfront
etag: W/"c581f2125aefc6abf71e57ed1ac7411d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 9os22U2nMmQgcOyuKjLF-LCUNOH3PFC8eVYkIGWJro2sXFPJRv3w8g==

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
2 KB 208ms
80ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Source+Serif+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9408f39984c8ca29f018681e70320583511ca5bae058761bf0efa4a665188a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 08:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 08:00:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 08:00:12 GMT

GET
H2 200 2113475133.json
give.stanford.edu/page-data/sq/d/ 43 B
134 B 90ms
89ms Other
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/sq/d/2113475133.json

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5X1YKQ7BKGKX6ZBD43F
date: Thu, 09 Feb 2023 10:05:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
age: 510889
content-length: 43
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "768c5dcd2cbe6c3bea62b13909af5050-ssl"
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 3482722353.json
give.stanford.edu/page-data/sq/d/ 184 B
276 B 117ms
116ms Other
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/sq/d/3482722353.json

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

52b0ae863257fa1adbd5f325acaf55fb810b68ae9bdf7df51c5ca6cb9277d2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5X1RRF8NHHJHQGFYMJX
date: Thu, 09 Feb 2023 10:05:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
age: 510889
content-length: 184
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "f74dd50afe70bb0c9ea058d214ab5d5a-ssl"
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 3764592887.json
give.stanford.edu/page-data/sq/d/ 136 B
228 B 90ms
89ms Other
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/sq/d/3764592887.json

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f3eb514517bd554fb4f8dc46a749396c763d412cca3ac958b8c57d17da9a0354

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D5X1ATZDSMDEPG64CM96
date: Thu, 09 Feb 2023 10:05:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
age: 510889
content-length: 136
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "1fed3c00e7418457c33c1a8851edb596-ssl"
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 25009304711_b36a02384e_o.jpg
assets.stanford.edu/i/2000x0/smart/filters:quality(60)/f/102579/7308x4877/b178ed4808/ 364 KB
364 KB 330ms
56ms Image
image/jpeg 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.stanford.edu/i/2000x0/smart/filters:quality(60)/f/102579/7308x4877/b178ed4808/25009304711_b36a02384e_o.jpg

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e4e744e2598891bca74d6f104dcf784fc1a8a72941196624529ad9500fe016b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D6CDZD5KS34PXFVXSJKG
date: Sun, 29 Jan 2023 14:04:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
server: Netlify
age: 1446931
x-amz-cf-pop: FRA56-C1
etag: "817eab44f1ceb8007cabcf41934c1d1b99b8f289"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000,public
x-amz-cf-id: HWcjdlEBhmFn7lp3XkHZro5fQn470PW9AxIoekqKc1j98SFmyalX4A==
content-length: 372426
expires: Mon, 29 Jan 2024 14:04:41 GMT

GET
H2 200 su-giving-v3.css
give.stanford.edu/ 33 KB
6 KB 42ms
41ms Stylesheet
text/css 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/su-giving-v3.css

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9a030d824fb510b636b4aa7dba74476620a08a6d4ca47c62c49ce1e3e84ec8b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D62HHWDD945HYB9PH49V
date: Thu, 09 Feb 2023 10:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 510889
content-length: 6073
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "a87d42f03eaa8e57c8d742a8f211b8c0-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
70 KB 221ms
92ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RGQ5DD

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5736e4d04e863d87d0e60a89444644f484c4cb9e763778cc14a3aa3cba480824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70875
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Feb 2023 08:00:12 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 131ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Source+Serif+Pro:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 13:30:55 GMT
x-content-type-options: nosniff
age: 325757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 13:30:55 GMT

GET
H2 200 stanford.woff
www-media.stanford.edu/assets/fonts/ 7 KB
8 KB 441ms
57ms Font
application/font-woff 52.222.214.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www-media.stanford.edu/assets/fonts/stanford.woff
Requested by: Host: give.stanford.edu
URL: https://give.stanford.edu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e33a04aa1d9454ad7356d6f24716eb8897d6777aef35b2176360e2cdfbec839

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:01:59 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
last-modified: Fri, 02 Nov 2018 02:49:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 35894
etag: "29e3779483bc895904bdca5c801fe4d1"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 7552
x-amz-cf-id: cT4pt47QrrFQA27sA-6NYptGUdHq9w3HjH2HvzzA2dHsr9_xw8gQhA==

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v15/ 20 KB
21 KB 171ms
81ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v15/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42a2e1e2995c1b5d0716ac0c6f2eef70ad416c8993b87b95954e15a3c77b26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 09:44:52 GMT
x-content-type-options: nosniff
age: 512120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:27:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:44:52 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 139ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 00:07:42 GMT
x-content-type-options: nosniff
age: 28350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 00:07:42 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame D3EF 200 B
1 KB 41ms
40ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.stanford.edu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2916
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 07:12:42 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 07 Feb 2023 17:44:43 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id: Fqs4fVH1_iiKsS_njFNL0vqS9Tvo8yBh2zV2elqX3TouSYGRDD9YSg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2

200

/ Show response
give.stanford.edu/403/
Redirect Chain

https://give.stanford.edu/api/auth/session
https://give.stanford.edu/403
https://give.stanford.edu/403/

69 KB
11 KB

41ms
41ms

Fetch
text/html

2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/403/

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4330a2a853e36bac860cf3c8f7f214b5ee10f661e7961832d3ea3a4e2bc864fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D6DHT6590A9E372HM51B
date: Thu, 09 Feb 2023 10:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 510887
content-length: 11632
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "44385106875e596ee5fbee26f08c81aa-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
link: </webpack-runtime-a13a35d599648fca17a6.js>; rel=preload; as=script, </framework-21bcf11f3151ebb2260f.js>; rel=preload; as=script, </app-63b24c2e106f81a9c1e8.js>; rel=preload; as=script, </commons-de0dcb77a3d45b2cd1e4.js>; rel=preload; as=script, </component---src-templates-storyblok-entry-js-a4b32099b7a47659d7dd.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/403/page-data.json>; rel=preload; as=fetch; crossorigin

Redirect headers

x-nf-request-id: 01GSA1D6C72MFAGRRSA885N0BM
date: Thu, 09 Feb 2023 10:05:25 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
age: 510887
content-length: 11632
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "44385106875e596ee5fbee26f08c81aa-ssl-df"
x-frame-options: DENY
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /403/
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
link: </webpack-runtime-a13a35d599648fca17a6.js>; rel=preload; as=script, </framework-21bcf11f3151ebb2260f.js>; rel=preload; as=script, </app-63b24c2e106f81a9c1e8.js>; rel=preload; as=script, </commons-de0dcb77a3d45b2cd1e4.js>; rel=preload; as=script, </component---src-templates-storyblok-entry-js-a4b32099b7a47659d7dd.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/403/page-data.json>; rel=preload; as=fetch; crossorigin

POST
H2 200 csp-report
q.stripe.com/ Frame D3EF 0
601 B 687ms
203ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 Feb 2023 08:00:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D3EF 0
600 B 687ms
204ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 Feb 2023 08:00:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D3EF 631 B
1 KB 42ms
41ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 15 Feb 2023 07:12:42 GMT
x-content-type-options: nosniff
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2915
x-cache: Hit from cloudfront
content-length: 631
last-modified: Tue, 07 Feb 2023 17:44:43 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: kEi9-xL2vGA3sVD1B9PLBCBJ5BYWiISMk8iu2JKLG1PxmXvkpGTIWg==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FE7D 930 B
2 KB 145ms
40ms Document
text/html 2600:9000:238d:aa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:238d:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 137
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 07:57:55 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-id: qOoqLxnQ8uP7X83hKB-CAbrI-SiS2Kwam3kueQOYjxxe3HmWZ0W9ag==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame FE7D 0
374 B 483ms
204ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Wed, 15 Feb 2023 08:00:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame FE7D 86 KB
14 KB 46ms
45ms Script
text/javascript 2600:9000:238d:aa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:238d:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 07:57:28 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 167
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: eAlafIX5d0MOwPuzCB2XNRUoQHZXXRNTpFYn2apbEZ7zX6OuPpbGSg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 181ms
52ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RGQ5DD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 07:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2884
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 15 Feb 2023 09:12:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 89ms
88ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XW519E7SFD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RGQ5DD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fde3dc24bc0a18f171748e03fec858b3322c032e444b6653f16901653370ab13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:00:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77305
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 08:00:12 GMT

GET
H2 200 app-data.json
give.stanford.edu/page-data/ 50 B
186 B 41ms
41ms Other
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/app-data.json

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ac6873ec9f760429ab635154c818f02d94fe3e6141d34008b29b0231c52b44d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D6F7VEYWMB4WY4AJX996
date: Thu, 09 Feb 2023 10:05:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
age: 510889
content-length: 50
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "329896369b2cef1b5fe105177e1e9772-ssl"
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 page-data.json
give.stanford.edu/page-data/403/ 8 KB
2 KB 42ms
41ms Other
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/403/page-data.json

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6010ccd4200c29dfa0c8adbfcb30315fca4ffa85d815f3fc5e63a3519874d8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D6F76TPY7J163B9PQKR7
date: Fri, 10 Feb 2023 13:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 412319
content-length: 2345
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "a65b0cb43a57b52d89beacda5c48bea4-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H/1.1 200 formchooser2.js Show response
widgets2.kimbia.com/Widgets2/formchooser2/ 135 KB
135 KB 932ms
160ms Script
application/javascript 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets2.kimbia.com/Widgets2/formchooser2/formchooser2.js?id=3BTD5I5&v=2
Requested by: Host: give.stanford.edu
URL: https://give.stanford.edu/commons-de0dcb77a3d45b2cd1e4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.96.180 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: fecaad604fdac9a8167433c91d926bbc8acf79a360b87291cde7f486e0368ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 08:00:13 GMT
Last-Modified: Fri, 13 Jan 2023 18:23:20 GMT
Accept-Ranges: bytes
ETag: W/"138307-1673634200000"
Content-Length: 138307
Content-Type: application/javascript

POST
H2 200 6 Show response
m.stripe.com/ Frame FE7D 156 B
552 B 632ms
214ms XHR
application/json 44.233.72.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.72.180 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-72-180.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

274ec60fa5e64f16eba2e1d95fb5eb3769ad5e5ca529d52623cbdc9ab63077a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 15 Feb 2023 08:00:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 155ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XW519E7SFD&gtm=45je32d0&_p=46499406&cid=430836001.1676448013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676448012&sct=1&seg=0&dl=https%3A%2F%2Fgive.stanford.edu%2F&dt=Make%20a%20Gift%20to%20Stanford%20%7C%20Make%20a%20Gift&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XW519E7SFD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 08:00:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.stanford.edu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 75ms
74ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=46499406&t=pageview&_s=1&dl=https%3A%2F%2Fgive.stanford.edu%2F&ul=en-us&de=UTF-8&dt=Make%20a%20Gift%20to%20Stanford%20%7C%20Make%20a%20Gift&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=570851115&gjid=1246603450&cid=430836001.1676448013&tid=UA-34471806-29&_gid=898767317.1676448013&_r=1&_slc=1&gtm=45He32d0n815RGQ5DD&z=1168857072

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.stanford.edu/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 08:00:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.stanford.edu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK formList Show response
cdn.kimbia.com/platform/rest/v1/ 335 B
1 KB 683ms
539ms Fetch
application/json 151.101.128.97
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.kimbia.com/platform/rest/v1/formList?widgetId=3BTD5I5&method=formList&format=json

Requested by

Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/formchooser2/formchooser2.js?id=3BTD5I5&v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.97 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

0918aca26221d702c36c8380b1199d2aa620f2260ec6eec4f104f20b85e55992

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Expires: Mon, 8 Aug 2006 10:00:00 GMT
Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security: max-age=2678400; includeSubDomains
Origin: https://give.stanford.edu
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 15 Feb 2023 08:00:15 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS
Connection: keep-alive
Content-Length: 200
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=8 env=best-standards-support
X-Served-By: cache-dal21233-DAL, cache-hhn-etou8220052-HHN
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Timer: S1676448015.526358,VS0,VE494
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://give.stanford.edu
Cache-Control: no-cache, no-store, must-revalidate, private
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

GET
H/1.1 200 formchooser2.css
widgets2.kimbia.com/Widgets2/formchooser2/ 2 KB
2 KB 160ms
160ms Stylesheet
text/css 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets2.kimbia.com/Widgets2/formchooser2/formchooser2.css
Requested by: Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/formchooser2/formchooser2.js?id=3BTD5I5&v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.96.180 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: c5c619378e77b5e707a62bbcc9427e8488c881ff2c225b1f2b51074f0da720bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 08:00:15 GMT
Last-Modified: Fri, 13 Jan 2023 18:23:20 GMT
Accept-Ranges: bytes
ETag: W/"2044-1673634200000"
Content-Length: 2044
Content-Type: text/css

GET
H/1.1 200 form2.js Show response
widgets2.kimbia.com/Widgets2/form2/ 296 KB
297 KB 322ms
161ms Script
application/javascript 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-one-time-general&id=3BTD5I5&v=2
Requested by: Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/formchooser2/formchooser2.js?id=3BTD5I5&v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.96.180 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 931c8354af049907abe0ce30ca52f2ab333b8c30b2a2d831b0522461727ffe4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 08:00:15 GMT
Last-Modified: Fri, 13 Jan 2023 18:23:24 GMT
Accept-Ranges: bytes
ETag: W/"303470-1673634204000"
Content-Length: 303470
Content-Type: application/javascript

GET
H/1.1 200 form2.js Show response
widgets2.kimbia.com/Widgets2/form2/ 296 KB
297 KB 476ms
157ms Script
application/javascript 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-recurring&id=3BTD5I5&v=2
Requested by: Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/formchooser2/formchooser2.js?id=3BTD5I5&v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.96.180 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 931c8354af049907abe0ce30ca52f2ab333b8c30b2a2d831b0522461727ffe4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 08:00:15 GMT
Last-Modified: Fri, 13 Jan 2023 18:23:24 GMT
Accept-Ranges: bytes
ETag: W/"303470-1673634204000"
Content-Length: 303470
Content-Type: application/javascript

GET
H2 200 page-data.json
give.stanford.edu/page-data/pledge/ 0
3 KB 42ms
41ms Other
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/pledge/page-data.json

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/app-63b24c2e106f81a9c1e8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.stanford.edu/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D95DM0KDFBF2ZM13G0CM
date: Mon, 13 Feb 2023 08:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 171370
content-length: 2803
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "cd14fa8bfa6cedba032eec89df7add3c-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 page-data.json Show response
give.stanford.edu/page-data/pledge/ 9 KB
3 KB 41ms
41ms XHR
application/json 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/page-data/pledge/page-data.json

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/app-63b24c2e106f81a9c1e8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

11c9c18fed65501bcb5982195cac067d9e6567c68014267214718efcfcc084a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D96S0KB693YRV8Y3YC23
date: Mon, 13 Feb 2023 08:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 171370
content-length: 2803
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "cd14fa8bfa6cedba032eec89df7add3c-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 component---src-templates-storyblok-entry-js-a4b32099b7a47659d7dd.js
give.stanford.edu/ 0
1005 B 42ms
41ms Other
application/javascript 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.stanford.edu/component---src-templates-storyblok-entry-js-a4b32099b7a47659d7dd.js

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/app-63b24c2e106f81a9c1e8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1D9851GBAZP9WZCQ291CV
date: Thu, 09 Feb 2023 10:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
age: 510892
content-length: 851
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "149a2aba9ec610861999b4b152863cee-ssl-df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H/1.1 200
OK formDefinition Show response
cdn.kimbia.com/platform/rest/v1/ 83 KB
13 KB 620ms
616ms Fetch
application/json 151.101.128.97
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.kimbia.com/platform/rest/v1/formDefinition?method=formDefinition&format=json&argument=.kba%3AeyJjaGFubmVsSWQiOiJnaXZlZm9ybS9tdWx0aWdpdmUtb25lLXRpbWUtZ2VuZXJhbCIsIm1ldGFkYXRhIjp7InJlZmVycmluZ1BhZ2UiOiIiLCJ1bmlxdWVOdW1iZXIiOjk2MzA1NDQyOX19

Requested by

Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-one-time-general&id=3BTD5I5&v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.97 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

ac12597cc42212840d8e8a582fb671e14ae4a4d075eb2c112fec8f7d0875731e

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Expires: Mon, 8 Aug 2006 10:00:00 GMT
Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security: max-age=2678400; includeSubDomains
Origin: https://give.stanford.edu
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 15 Feb 2023 08:00:16 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS
Connection: keep-alive
Content-Length: 11926
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=8 env=best-standards-support
X-Served-By: cache-dal2120086-DAL, cache-hhn-etou8220052-HHN
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Timer: S1676448016.875687,VS0,VE575
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://give.stanford.edu
Cache-Control: no-cache, no-store, must-revalidate, private
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

GET
H2 200 controller-3eff5ac68e7646ce0669579e4f7c3f39.html Show response
js.stripe.com/v3/ Frame FB5D 325 B
1 KB 45ms
45ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-3eff5ac68e7646ce0669579e4f7c3f39.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

aab26954bc7a751db41678a770ad42a2367ed441fcef3988a6813d3b1d27f998

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.stanford.edu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 08:00:13 GMT
etag: "3eff5ac68e7646ce0669579e4f7c3f39"
last-modified: Tue, 14 Feb 2023 21:26:04 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id: -DiT7xxxrHN1121Yj_2ldXpi-g9s8jwwiElLEkn_ijplaoyTCV8gTw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-c8dde33935562c246e8caf2e3aa82ae8.html Show response
js.stripe.com/v3/ Frame D03E 408 B
1 KB 44ms
44ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-c8dde33935562c246e8caf2e3aa82ae8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b59c0d29c1765d3868ef2a3a7db6b15fe70a6fb03cdcf99298d2bbe359e34617

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.stanford.edu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1159
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 07:40:59 GMT
etag: "c8dde33935562c246e8caf2e3aa82ae8"
last-modified: Tue, 14 Feb 2023 21:26:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id: Wz-ncwxELL5L5l5Ye3uO-Z2Y7FYKFJkulJCEOw2Jr4ztfoTXPlS_eg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-89ceae8ba88760164fb4f36786899cef.html Show response
js.stripe.com/v3/ Frame CA5B 344 B
1 KB 44ms
44ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-89ceae8ba88760164fb4f36786899cef.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b2b65ba7567194897bd52fba2b83003850e2f752f31f26a781c6135254a260c2

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.stanford.edu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 58
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 07:59:21 GMT
etag: "89ceae8ba88760164fb4f36786899cef"
last-modified: Tue, 14 Feb 2023 21:26:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id: bhK4psV90GN_oOzTtfkQPwoQcK1y32dgYBHJkvmDgSla2UmENvvs3w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame FB5D 0
600 B 208ms
207ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 Feb 2023 08:00:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-010ee5c1f9a01944c6c83443224e6b67.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FB5D 301 KB
72 KB 44ms
44ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3eff5ac68e7646ce0669579e4f7c3f39.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3540c8121cd5c782ba9b32d34cd96884cffdf0aedd5aa758df0548d15833e92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-3eff5ac68e7646ce0669579e4f7c3f39.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 07:28:34 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1903
x-cache: Hit from cloudfront
last-modified: Tue, 14 Feb 2023 21:26:16 GMT
server: Cloudfront
etag: W/"814d8ad1453b2bc31acc54ea1aba2288"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 4mrQl1ZTIm-YSpjNW_YznHbOxqzQPD447uSvvI6dEjub7lfuFLppYA==

GET
H2 200 controller-a60bf2f7ec17972627f2a85500c4155a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FB5D 468 KB
124 KB 60ms
60ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a60bf2f7ec17972627f2a85500c4155a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3eff5ac68e7646ce0669579e4f7c3f39.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

06e72bbfd2313c262999e92bf9a15749b5f646550dfe89b2f00b1cc9efeb91fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-3eff5ac68e7646ce0669579e4f7c3f39.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 07:28:34 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1903
x-cache: Hit from cloudfront
last-modified: Tue, 14 Feb 2023 21:26:14 GMT
server: Cloudfront
etag: W/"a227ea45a179fb612b85a812d69fbb34"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BkiDsoBEV2Rp_-7XUTgXGc9VQSfBMoVbXi9YyhQr7QBvqHEqtwiBKg==

POST
H2 200 csp-report
q.stripe.com/ Frame D03E 0
600 B 207ms
206ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 Feb 2023 08:00:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D03E 0
600 B 207ms
207ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 Feb 2023 08:00:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame D03E 114 KB
35 KB 193ms
96ms Script
application/javascript 2a00:1450:4013:c00::5c

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c8dde33935562c246e8caf2e3aa82ae8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::5c -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

57d091616da24bf19468596545549a29a3117caa1f6adfd61622105cdc514c5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lqZQwIP7amratacIVjae6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:00:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lqZQwIP7amratacIVjae6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 15 Feb 2023 08:00:16 GMT

GET
H2 200 shared-010ee5c1f9a01944c6c83443224e6b67.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D03E 301 KB
72 KB 89ms
88ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c8dde33935562c246e8caf2e3aa82ae8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3540c8121cd5c782ba9b32d34cd96884cffdf0aedd5aa758df0548d15833e92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-c8dde33935562c246e8caf2e3aa82ae8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 07:29:37 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1903
x-cache: Hit from cloudfront
last-modified: Tue, 14 Feb 2023 21:26:16 GMT
server: Cloudfront
etag: W/"814d8ad1453b2bc31acc54ea1aba2288"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zTbEPr97t_RxCcdpwQR9HiidOvZkatbn3j4xRLWNwuPZsfO36tMgqA==

GET
H2 200 payment-request-inner-google-pay-70aa7563fbb1744f5311401b135059d1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D03E 9 KB
4 KB 43ms
42ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-70aa7563fbb1744f5311401b135059d1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c8dde33935562c246e8caf2e3aa82ae8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4e3c6cbdb71bec2b4e19fae5374e1b234363dbea96692b87060391aed926ac89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-c8dde33935562c246e8caf2e3aa82ae8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 07:24:52 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2136
x-cache: Hit from cloudfront
last-modified: Fri, 27 Jan 2023 18:05:18 GMT
server: Cloudfront
etag: W/"1c77489e1242b98d1af0d4132d81385f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WE9ZF5CoxnLnSsZckWKkaI0p_H5QIgNe3x7lhaHQZfuxhJwvDtXcyw==

POST
H2 200 csp-report
q.stripe.com/ Frame CA5B 0
600 B 205ms
205ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 Feb 2023 08:00:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame CA5B 0
600 B 204ms
204ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 Feb 2023 08:00:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-010ee5c1f9a01944c6c83443224e6b67.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CA5B 301 KB
72 KB 100ms
99ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-89ceae8ba88760164fb4f36786899cef.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3540c8121cd5c782ba9b32d34cd96884cffdf0aedd5aa758df0548d15833e92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-89ceae8ba88760164fb4f36786899cef.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 07:29:37 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1903
x-cache: Hit from cloudfront
last-modified: Tue, 14 Feb 2023 21:26:16 GMT
server: Cloudfront
etag: W/"814d8ad1453b2bc31acc54ea1aba2288"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gKbJptkZLXMirwWKRk4mSgndet1bx47fjmmEEF_HImJOBxZ1eDkvAw==

GET
H2 200 payment-request-inner-browser-62b851077f9da9acc452dca532fa7672.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CA5B 11 KB
5 KB 110ms
110ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-62b851077f9da9acc452dca532fa7672.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-89ceae8ba88760164fb4f36786899cef.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b94eb502e26770c9d54de519d7225c016d31cf33584446e77dbaefae9d7dfb13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-89ceae8ba88760164fb4f36786899cef.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 07:47:49 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 752
x-cache: Hit from cloudfront
last-modified: Thu, 26 Jan 2023 15:39:05 GMT
server: Cloudfront
etag: W/"143881bdb912f2223ebc11f7378e2f5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _LoGUM4CG3PZcUhxBmD_AcOCWAqOg5bscoRGvQmi5JYS7p9oFMM7bQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame FB5D 474 B
865 B 134ms
46ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: f55a7f02745c9adb87777d60b20a9301544bba1cff88a729acb8b73fda090e26

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-3eff5ac68e7646ce0669579e4f7c3f39.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Feb 2023 07:59:35 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 21:54:57 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 42
etag: "6a06850ee2b8d587dd88f54b611a0e5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: PZ7xkyEqVngssteErefZY7cLYnXlQ90lKuf4RiFyHtM4tFNXh6ecWA==

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame FB5D 741 B
1 KB 931ms
415ms Fetch
application/json 18.202.131.124

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_HkY6R5QMJyAK3pkyih4EShmZ&stripe_js_id=a81c5939-a77f-48e0-bc32-f50250f27518

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

04f0b4fd740b229b6c1fc47d694c07fdd6d58a1c72ca1350ad107b556177bf4d

Security Headers

Name	Value
Content-Security-Policy	report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
content-security-policy: report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 741
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 452ms
419ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 442ms
409ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 445ms
413ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 450ms
418ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 237ms
205ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 238ms
207ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 237ms
206ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 237ms
206ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 448ms
418ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 444ms
414ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 440ms
411ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 445ms
416ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 445ms
417ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 443ms
415ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 445ms
417ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 439ms
412ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 7272 18 KB
8 KB 98ms
97ms Document
text/html 2a00:1450:4013:c00::5c

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::5c -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

dedab351a571f6e9888ba9a01f933199d995f7e7c2d2aef9c7f43c4b357175d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bk0AHEcVOjt0SpSyRTZRbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Bk0AHEcVOjt0SpSyRTZRbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Wed, 15 Feb 2023 08:00:16 GMT
expires: Wed, 15 Feb 2023 08:00:16 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7272 2 KB
2 KB 158ms
158ms Other
text/html 2a00:1450:4013:c00::5c

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.stanford.edu
URL: https://give.stanford.edu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c00::5c -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 7272 155 KB
55 KB 203ms
55ms Script
text/javascript 2a00:1450:400d:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhrnt8eX_ZOljHQ0cc_JZKv13JEQw/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2b3711641327099e12e310292a2ff0a243518974b8545562d223b035fec9bd59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55825
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 13:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 17:18:42 GMT

GET
H/1.1 200
OK formDefinition Show response
cdn.kimbia.com/platform/rest/v1/ 63 KB
12 KB 250ms
250ms Fetch
application/json 151.101.128.97
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.kimbia.com/platform/rest/v1/formDefinition?method=formDefinition&format=json&argument=.kba%3AeyJjaGFubmVsSWQiOiJnaXZlZm9ybS9tdWx0aWdpdmUtcmVjdXJyaW5nIiwibWV0YWRhdGEiOnsicmVmZXJyaW5nUGFnZSI6IiIsInVuaXF1ZU51bWJlciI6OTYzMDU0NDI5fX0%3D

Requested by

Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-recurring&id=3BTD5I5&v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.97 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

3eef31fb5bdfe6af4b02e93614d74660ff75b170ce2b8f7707846a97da8320ee

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Expires: Mon, 8 Aug 2006 10:00:00 GMT
Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security: max-age=2678400; includeSubDomains
Origin: https://give.stanford.edu
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 15 Feb 2023 08:00:17 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS
Connection: keep-alive
Content-Length: 10826
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=8 env=best-standards-support
X-Served-By: cache-dal2120100-DAL, cache-hhn-etou8220052-HHN
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Timer: S1676448017.287998,VS0,VE200
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://give.stanford.edu
Cache-Control: no-cache, no-store, must-revalidate, private
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 7272 69 KB
26 KB 54ms
53ms Script
text/javascript 2a00:1450:400d:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfricibKU4k63ajAbDLm-wfw10DpLoA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhrnt8eX_ZOljHQ0cc_JZKv13JEQw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b9b08369d3a70b7ee263b0c01e1c522251c634408b138b49a727d7ba07472386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26133
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 13:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 17:18:43 GMT

OPTIONS
H/1.1 200
OK multigive
api.kimbia.com/platform/rest/v1/ Frame 0
0 822ms
218ms Preflight
application/vnd.sun.wadl+xml 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kimbia.com/platform/rest/v1/multigive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.143.96.180 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.stanford.edu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin, content-type, accept, authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://give.stanford.edu
Access-Control-Max-Age: 86400
Allow: POST,OPTIONS
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Encoding: gzip
Content-Length: 340
Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Content-Type: application/vnd.sun.wadl+xml
Date: Wed, 15 Feb 2023 08:00:17 GMT
Expires: Mon, 8 Aug 2006 10:00:00 GMT
Last-modified: Wed, 15 Feb 2023 02:00:18 CST
Origin: https://give.stanford.edu
Pragma: no-cache
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=2678400; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=8 env=best-standards-support
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK formEvent
api.kimbia.com/platform/rest/v1/ Frame 0
0 799ms
219ms Preflight
application/vnd.sun.wadl+xml 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kimbia.com/platform/rest/v1/formEvent

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.143.96.180 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.stanford.edu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin, content-type, accept, authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://give.stanford.edu
Access-Control-Max-Age: 86400
Allow: POST,OPTIONS
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Encoding: gzip
Content-Length: 323
Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Content-Type: application/vnd.sun.wadl+xml
Date: Wed, 15 Feb 2023 08:00:17 GMT
Expires: Mon, 8 Aug 2006 10:00:00 GMT
Last-modified: Wed, 15 Feb 2023 02:00:18 CST
Origin: https://give.stanford.edu
Pragma: no-cache
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=2678400; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=8 env=best-standards-support
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 form2.css
widgets2.kimbia.com/Widgets2/form2/ 30 KB
31 KB 161ms
161ms Stylesheet
text/css 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets2.kimbia.com/Widgets2/form2/form2.css
Requested by: Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-recurring&id=3BTD5I5&v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.96.180 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 2f36a25f71da41dd613823b32195e45ba0b5900f018f2231b6d7bde6a7df4bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 08:00:17 GMT
Last-Modified: Fri, 13 Jan 2023 18:23:24 GMT
Accept-Ranges: bytes
ETag: W/"31042-1673634204000"
Content-Length: 31042
Content-Type: text/css

POST
H/1.1 200
OK multigive Show response
api.kimbia.com/platform/rest/v1/ 19 KB
4 KB 315ms
312ms Fetch
application/json 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kimbia.com/platform/rest/v1/multigive

Requested by

Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-recurring&id=3BTD5I5&v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.143.96.180 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

628eae6b2e6bd723e37fe87786cba2718ee95d42dc0dc1373307ff86fd1c1f25

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://give.stanford.edu/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security: max-age=2678400; includeSubDomains
Origin: https://give.stanford.edu
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 15 Feb 2023 08:00:18 GMT
Content-Length: 2791
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=8 env=best-standards-support
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://give.stanford.edu
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: Mon, 8 Aug 2006 10:00:00 GMT

POST
H/1.1 200
OK formEvent Show response
api.kimbia.com/platform/rest/v1/ 74 B
1 KB 167ms
166ms Fetch
application/json 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kimbia.com/platform/rest/v1/formEvent

Requested by

Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-recurring&id=3BTD5I5&v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.143.96.180 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

8d5b6e414564c5c778d8d5ae8d52982886189a132b6e20fc00f6b64ca2f34298

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://give.stanford.edu/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security: max-age=2678400; includeSubDomains
Origin: https://give.stanford.edu
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 15 Feb 2023 08:00:18 GMT
Content-Length: 90
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=8 env=best-standards-support
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://give.stanford.edu
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: Mon, 8 Aug 2006 10:00:00 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 7272 1 MB
358 KB 97ms
97ms XHR
text/html 2a00:1450:4013:c00::5c

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c00::5c -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

309ee8d352c8585f15cd9fbe213f91390f686fe5949d0f25bdc2f4ead70fd056

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1txU03FByNI_v4U2h2yZmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1txU03FByNI_v4U2h2yZmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 15 Feb 2023 08:00:17 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 7272 23 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfricibKU4k63ajAbDLm-wfw10DpLoA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

da64b5b0a8a83d9dbe76ddbaeda31c1fb0e087d5a7fca4098ee4d3dced8906b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9253
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 13:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 17:18:43 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 7272 35 KB
13 KB 57ms
57ms Script
text/javascript 2a00:1450:400d:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.IB0SkeQqdBg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfricibKU4k63ajAbDLm-wfw10DpLoA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

aa0555470858c60eacc4161a1b3b4f79809f9ef82948e41442e6a2218abe836f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13390
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 13:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 17:18:43 GMT

POST
H2 200 log Show response
play.google.com/ Frame 7272 131 B
273 B 169ms
167ms XHR
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 08:00:17 GMT

POST
H2 200 log Show response
play.google.com/ Frame 7272 131 B
273 B 170ms
168ms XHR
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 08:00:17 GMT

POST
H2 200 log Show response
play.google.com/ Frame 7272 131 B
273 B 169ms
168ms XHR
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 08:00:17 GMT

POST
H2 200 log Show response
play.google.com/ Frame 7272 131 B
273 B 170ms
169ms XHR
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 08:00:17 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 208ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 208ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 208ms
207ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 207ms
207ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame 7272 131 B
273 B 166ms
165ms XHR
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 08:00:17 GMT

POST
H2 200 log Show response
play.google.com/ Frame 7272 131 B
273 B 167ms
166ms XHR
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 08:00:17 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 204ms
203ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 204ms
204ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 397ms
397ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 397ms
397ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H/1.1 200
OK multigive
api.kimbia.com/platform/rest/v1/ 19 KB
4 KB 323ms
322ms Fetch
application/json 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kimbia.com/platform/rest/v1/multigive

Requested by

Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-one-time-general&id=3BTD5I5&v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.143.96.180 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://give.stanford.edu/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security: max-age=2678400; includeSubDomains
Origin: https://give.stanford.edu
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 15 Feb 2023 08:00:18 GMT
Content-Length: 2791
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=8 env=best-standards-support
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://give.stanford.edu
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: Mon, 8 Aug 2006 10:00:00 GMT

POST
H/1.1 200
OK formEvent Show response
api.kimbia.com/platform/rest/v1/ 74 B
1 KB 170ms
169ms Fetch
application/json 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kimbia.com/platform/rest/v1/formEvent

Requested by

Host: widgets2.kimbia.com
URL: https://widgets2.kimbia.com/Widgets2/form2/form2.js?channel=giveform/multigive-one-time-general&id=3BTD5I5&v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.143.96.180 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

8d5b6e414564c5c778d8d5ae8d52982886189a132b6e20fc00f6b64ca2f34298

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://give.stanford.edu/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security: max-age=2678400; includeSubDomains
Origin: https://give.stanford.edu
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 15 Feb 2023 08:00:18 GMT
Content-Length: 90
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=8 env=best-standards-support
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://give.stanford.edu
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: Mon, 8 Aug 2006 10:00:00 GMT

GET
H2 200 down.png
give.stanford.edu/ 378 B
507 B 57ms
56ms Image
image/png 2a05:d014:275:cb01:190c:7f02:2b97:3b21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.stanford.edu/down.png

Requested by

Host: give.stanford.edu
URL: https://give.stanford.edu/su-giving-v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

bd7fea0100495581f0c69cc9133fd29393cf0d565f95fb2a98720bf81f50a39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.stanford.edu/su-giving-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-nf-request-id: 01GSA1DB8Y3RZQBVAR8X5R1RHS
date: Mon, 13 Feb 2023 00:46:26 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
age: 198831
content-length: 378
referrer-policy: origin-when-cross-origin
server: Netlify
etag: "47bea4f4d9e5b5fd40dbad3027617029-ssl"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: vibrate=(), geolocation=(), midi=(), notifications=(), push=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.stanford.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 14:00:23 GMT
x-content-type-options: nosniff
age: 64794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 14:00:23 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame FB5D 0
157 B 342ms
342ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-010ee5c1f9a01944c6c83443224e6b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Wed, 15 Feb 2023 08:00:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

OPTIONS
H/1.1 200
OK multigive
api.kimbia.com/platform/rest/v1/ Frame 0
0 726ms
219ms Preflight
application/vnd.sun.wadl+xml 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kimbia.com/platform/rest/v1/multigive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.143.96.180 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.stanford.edu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin, content-type, accept, authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://give.stanford.edu
Access-Control-Max-Age: 86400
Allow: POST,OPTIONS
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Encoding: gzip
Content-Length: 340
Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Content-Type: application/vnd.sun.wadl+xml
Date: Wed, 15 Feb 2023 08:00:17 GMT
Expires: Mon, 8 Aug 2006 10:00:00 GMT
Last-modified: Wed, 15 Feb 2023 02:00:18 CST
Origin: https://give.stanford.edu
Pragma: no-cache
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=2678400; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=8 env=best-standards-support
X-XSS-Protection: 1; mode=block

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 236ms
87ms Preflight
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 15 Feb 2023 08:00:17 GMT
expires: Wed, 15 Feb 2023 08:00:17 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 235ms
87ms Preflight
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 15 Feb 2023 08:00:17 GMT
expires: Wed, 15 Feb 2023 08:00:17 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 235ms
88ms Preflight
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 15 Feb 2023 08:00:17 GMT
expires: Wed, 15 Feb 2023 08:00:17 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 234ms
88ms Preflight
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 15 Feb 2023 08:00:17 GMT
expires: Wed, 15 Feb 2023 08:00:17 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 228ms
88ms Preflight
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 15 Feb 2023 08:00:17 GMT
expires: Wed, 15 Feb 2023 08:00:17 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 226ms
89ms Preflight
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 15 Feb 2023 08:00:17 GMT
expires: Wed, 15 Feb 2023 08:00:17 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H/1.1 200
OK formEvent
api.kimbia.com/platform/rest/v1/ Frame 0
0 706ms
219ms Preflight
application/vnd.sun.wadl+xml 174.143.96.180
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kimbia.com/platform/rest/v1/formEvent

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.143.96.180 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' .google.com .gstatic.com .google-analytics.com .stripe.com .paypal.com .abilafundraisingonline.com .cdp.kimbia.com .givegab.com .enterprise.givegab.com .kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Strict-Transport-Security	max-age=2678400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.stanford.edu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin, content-type, accept, authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://give.stanford.edu
Access-Control-Max-Age: 86400
Allow: POST,OPTIONS
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Encoding: gzip
Content-Length: 323
Content-Security-Policy: script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.stripe.com *.paypal.com *.abilafundraisingonline.com *.cdp.kimbia.com *.givegab.com *.enterprise.givegab.com *.kimbia.com widget.intercom.io js.intercomcdn.com *.fullstory.com doublethedonation.com
Content-Type: application/vnd.sun.wadl+xml
Date: Wed, 15 Feb 2023 08:00:17 GMT
Expires: Mon, 8 Aug 2006 10:00:00 GMT
Last-modified: Wed, 15 Feb 2023 02:00:18 CST
Origin: https://give.stanford.edu
Pragma: no-cache
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=2678400; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=8 env=best-standards-support
X-XSS-Protection: 1; mode=block

POST
H2 200 log Show response
play.google.com/ Frame 7272 131 B
578 B 221ms
86ms XHR
text/plain 2a00:1450:400d:807::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 08:00:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 08:00:17 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stanford.edu/	1970-01-20 19:16:48	Name: _ga_XW519E7SFD Value: GS1.1.1676448012.1.0.1676448012.0.0.0
.stanford.edu/	1970-01-20 19:16:48	Name: _ga Value: GA1.2.430836001.1676448013
.stanford.edu/	1970-01-20 09:42:14	Name: _gid Value: GA1.2.898767317.1676448013
.stanford.edu/	1970-01-20 09:40:48	Name: _gat_UA-34471806-29 Value: 1
m.stripe.com/	1970-01-20 19:16:48	Name: m Value: 6f11a919-94c5-4b7b-8a14-afadde5f9e2545c93e
.give.stanford.edu/	1970-01-20 18:26:24	Name: __stripe_mid Value: 6f5cdc37-ac91-4c93-b067-c01a9ff1da4d1a4198
.give.stanford.edu/	1970-01-20 09:40:49	Name: __stripe_sid Value: c3d06dce-ff37-4e53-a0a0-5b08ee9667cfeee297
.google.com/	1970-01-20 14:04:19	Name: NID Value: 511=nGZdZaH2J4W8n5ZXofqMzDtyEe4ZuGLhF_ra5_dEgv593HaIDYXUMfzqT-syUNieQSDkD5qMLE4GKn3dexG8EhcpEHyLj5uuyztIgoBk4yjPAd5jLpCIMK-YPD4jJeX1kOOd4oloZZ6-_n4XWwI9FBRCmDY2apYhUvTdp-dHC0w

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vibrate'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.kimbia.com
assets.stanford.edu
cdn.kimbia.com
fonts.googleapis.com
fonts.gstatic.com
give.stanford.edu
js.stripe.com
m.stripe.com
m.stripe.network
makeapledgepayment.stanford.edu
merchant-ui-api.stripe.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
widgets2.kimbia.com
www-media.stanford.edu
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
151.101.128.97
174.143.96.180
18.202.131.124
2001:4860:4802:34::36
2600:9000:238d:aa00:19:7d10:bd80:93a1
2a00:1450:4001:813::2003
2a00:1450:400d:803::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::200e
2a00:1450:400d:808::2008
2a00:1450:400d:80c::200a
2a00:1450:4013:c00::5c
2a05:d014:275:cb01:190c:7f02:2b97:3b21
44.233.72.180
52.222.214.90
54.186.23.98
54.81.116.232
99.86.4.99
04f0b4fd740b229b6c1fc47d694c07fdd6d58a1c72ca1350ad107b556177bf4d
06e72bbfd2313c262999e92bf9a15749b5f646550dfe89b2f00b1cc9efeb91fb
0918aca26221d702c36c8380b1199d2aa620f2260ec6eec4f104f20b85e55992
0a1fb6374bdd55b94a440c299d245529f8d9f3488a941ebd47f5f89e7be4b8d9
0e33a04aa1d9454ad7356d6f24716eb8897d6777aef35b2176360e2cdfbec839
11c9c18fed65501bcb5982195cac067d9e6567c68014267214718efcfcc084a2
1b08bd48035ed307a77be18b4037f3a991c8a290ec50b7223a18b3f96d626f40
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
274ec60fa5e64f16eba2e1d95fb5eb3769ad5e5ca529d52623cbdc9ab63077a4
2b3711641327099e12e310292a2ff0a243518974b8545562d223b035fec9bd59
2f36a25f71da41dd613823b32195e45ba0b5900f018f2231b6d7bde6a7df4bdc
309ee8d352c8585f15cd9fbe213f91390f686fe5949d0f25bdc2f4ead70fd056
3540c8121cd5c782ba9b32d34cd96884cffdf0aedd5aa758df0548d15833e92e
3eef31fb5bdfe6af4b02e93614d74660ff75b170ce2b8f7707846a97da8320ee
4330a2a853e36bac860cf3c8f7f214b5ee10f661e7961832d3ea3a4e2bc864fc
4b577e5f1857c17519329fd3762a1315a0bdb3e661044c73089bdf8664907340
4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca
4e3c6cbdb71bec2b4e19fae5374e1b234363dbea96692b87060391aed926ac89
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52b0ae863257fa1adbd5f325acaf55fb810b68ae9bdf7df51c5ca6cb9277d2d3
5736e4d04e863d87d0e60a89444644f484c4cb9e763778cc14a3aa3cba480824
57d091616da24bf19468596545549a29a3117caa1f6adfd61622105cdc514c5d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6010ccd4200c29dfa0c8adbfcb30315fca4ffa85d815f3fc5e63a3519874d8d4
628eae6b2e6bd723e37fe87786cba2718ee95d42dc0dc1373307ff86fd1c1f25
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
8d5b6e414564c5c778d8d5ae8d52982886189a132b6e20fc00f6b64ca2f34298
931c8354af049907abe0ce30ca52f2ab333b8c30b2a2d831b0522461727ffe4e
9408f39984c8ca29f018681e70320583511ca5bae058761bf0efa4a665188a42
9a030d824fb510b636b4aa7dba74476620a08a6d4ca47c62c49ce1e3e84ec8b8
a48938a41e345d82e07b3a9d95e879a5f19d2246607fbb21e6305fefb336e197
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa0555470858c60eacc4161a1b3b4f79809f9ef82948e41442e6a2218abe836f
aab26954bc7a751db41678a770ad42a2367ed441fcef3988a6813d3b1d27f998
ac00e9b5ed5241dedf84c506595cdea83719d22fa23c7e19062b04a71fa6f7a4
ac12597cc42212840d8e8a582fb671e14ae4a4d075eb2c112fec8f7d0875731e
ac6873ec9f760429ab635154c818f02d94fe3e6141d34008b29b0231c52b44d6
b2b65ba7567194897bd52fba2b83003850e2f752f31f26a781c6135254a260c2
b59c0d29c1765d3868ef2a3a7db6b15fe70a6fb03cdcf99298d2bbe359e34617
b94eb502e26770c9d54de519d7225c016d31cf33584446e77dbaefae9d7dfb13
b9b08369d3a70b7ee263b0c01e1c522251c634408b138b49a727d7ba07472386
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd7fea0100495581f0c69cc9133fd29393cf0d565f95fb2a98720bf81f50a39b
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1dd7f39f52cc787947daeb8a87fc6bc019a236b1ca6cb46b7bccf00d6c5e5c2
c5c619378e77b5e707a62bbcc9427e8488c881ff2c225b1f2b51074f0da720bd
cd68c0ed75d83dbc6e83f2646c1c29e8dbeaa0522a8b80cebe65fe187f99d3c4
d42a2e1e2995c1b5d0716ac0c6f2eef70ad416c8993b87b95954e15a3c77b26a
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
da64b5b0a8a83d9dbe76ddbaeda31c1fb0e087d5a7fca4098ee4d3dced8906b9
dedab351a571f6e9888ba9a01f933199d995f7e7c2d2aef9c7f43c4b357175d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e744e2598891bca74d6f104dcf784fc1a8a72941196624529ad9500fe016b6
e861595fa7024f9db1f207582d5d79149e244e4118e7c71975a6c816e9dd5922
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f3eb514517bd554fb4f8dc46a749396c763d412cca3ac958b8c57d17da9a0354
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f55a7f02745c9adb87777d60b20a9301544bba1cff88a729acb8b73fda090e26
fde3dc24bc0a18f171748e03fec858b3322c032e444b6653f16901653370ab13
fecaad604fdac9a8167433c91d926bbc8acf79a360b87291cde7f486e0368ef4

give.stanford.edu Open in urlscan Pro 2a05:d014:275:cb01:190c:7f02:2b97:3b21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

99 %HTTPS

56 %IPv6

9 Domains

21 Subdomains

17 IPs

3 Countries

2602 kBTransfer

6251 kBSize

8 Cookies

16 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

give.stanford.edu Open in urlscan Pro
2a05:d014:275:cb01:190c:7f02:2b97:3b21 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

99 %
HTTPS

56 %
IPv6

9
Domains

21
Subdomains

17
IPs

3
Countries

2602 kB
Transfer

6251 kB
Size

8
Cookies

118 HTTP transactions
0 data transactions