give.pajamaprogram.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pajamaprogram.cmail19.com/t/t-l-qllgz-elykyhuty-u
Effective URL:
https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Submission Tags: falconsandbox
Submission: On February 22 via api (February 22nd 2022, 1:13:11 pm UTC) from US — Scanned from DE

Summary HTTP 181 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 23 domains to perform 181 HTTP transactions. The main IP is 2606:4700::6812:7115, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.pajamaprogram.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.

This is the only time give.pajamaprogram.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.196.132.139 18.196.132.139	16509 (AMAZON-02) (AMAZON-02)
29	2606:4700::68... 2606:4700::6812:7115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.121.78 13.32.121.78	16509 (AMAZON-02) (AMAZON-02)
22	65.9.78.17 65.9.78.17	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.121.116 13.32.121.116	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
6	54.166.193.69 54.166.193.69	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
36	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	34.209.192.116 34.209.192.116	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c04::5c	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
181	28

1 18.196.132.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-132-139.eu-central-1.compute.amazonaws.com

pajamaprogram.cmail19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6812:7115 (United States)

ASN13335 (CLOUDFLARENET, US)

give.pajamaprogram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-78.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 65.9.78.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-17.ams1.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-116.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.166.193.69 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-193-69.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.209.192.116 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-192-116.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c04::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	stripe.com js.stripe.com — Cisco Umbrella Rank: 854 q.stripe.com — Cisco Umbrella Rank: 5951 m.stripe.com — Cisco Umbrella Rank: 828 r.stripe.com — Cisco Umbrella Rank: 4038	621 KB
33	google.com pay.google.com — Cisco Umbrella Rank: 3171 play.google.com — Cisco Umbrella Rank: 32	769 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	398 KB
16	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 153659 pay.classy.org — Cisco Umbrella Rank: 260669 assets.classy.org — Cisco Umbrella Rank: 158585	1 MB
13	pajamaprogram.org give.pajamaprogram.org	45 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	60 KB
7	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3026 heapanalytics.com — Cisco Umbrella Rank: 2637	45 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 591 syndication.twitter.com — Cisco Umbrella Rank: 840	133 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 913	17 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 311	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	49 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 723	141 B
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15645	71 KB
2	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 68976	110 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67	444 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 709	256 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	18 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	30 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 802	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 34906	4 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1184	5 KB
1	cmail19.com 1 redirects pajamaprogram.cmail19.com	330 B
181	23

	Domain	Requested by
28	r.stripe.com	js.stripe.com
25	play.google.com	www.gstatic.com
22	js.stripe.com	give.pajamaprogram.org js.stripe.com
13	give.pajamaprogram.org	give.pajamaprogram.org
11	www.google-analytics.com	give.pajamaprogram.org www.gstatic.com
10	www.gstatic.com	pay.google.com www.gstatic.com
9	prod-frs.content.classy.org	give.pajamaprogram.org prod-frs.content.classy.org
8	pay.google.com	js.stripe.com pay.google.com give.pajamaprogram.org www.gstatic.com
8	q.stripe.com	give.pajamaprogram.org
7	fonts.gstatic.com	fonts.googleapis.com
6	heapanalytics.com
4	pay.classy.org	give.pajamaprogram.org
3	assets.classy.org
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	bam-cell.nr-data.net	give.pajamaprogram.org
2	www.youtube.com	give.pajamaprogram.org
2	platform.twitter.com	give.pajamaprogram.org
2	sessions.bugsnag.com	give.pajamaprogram.org
2	cdn.plaid.com	give.pajamaprogram.org
2	doublethedonation.com	give.pajamaprogram.org
1	syndication.twitter.com	platform.twitter.com
1	stats.g.doubleclick.net	give.pajamaprogram.org
1	fonts.googleapis.com	give.pajamaprogram.org
1	geolocation.onetrust.com	give.pajamaprogram.org
1	js-agent.newrelic.com	give.pajamaprogram.org
1	code.jquery.com	give.pajamaprogram.org
1	cdn.heapanalytics.com	give.pajamaprogram.org
1	unpkg.com	give.pajamaprogram.org
1	htp.tokenex.com	give.pajamaprogram.org
1	static.cloudflareinsights.com	give.pajamaprogram.org
1	pajamaprogram.cmail19.com	1 redirects
181	32

This site contains links to these domains. Also see Links.

Domain
www.classy.org
classy.org

Subject Issuer	Validity	Valid
give.pajamaprogram.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
doublethedonation.com Sectigo ECC Domain Validation Secure Server CA	`2020-04-09` - `2022-07-12`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2022-01-12` - `2023-02-13`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh

This page contains 12 frames:

Primary Page: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Frame ID: 9575D8B9A0A4F8D83C2A529CE183B48A
Requests: 72 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
Frame ID: 72328F4555B35D74F8FD3C83FDB49BDB
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fgive.pajamaprogram.org
Frame ID: 947E01005414B0A3DAEF22C892CF4EF0
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 257A0023E44DEF3B9077C508BA2B2D5E
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html
Frame ID: BAB51CF39C5E2DE735DB7C81619F4C74
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html
Frame ID: B77ED3D7CA1FFE2D22898D686D85B975
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html
Frame ID: 31DBE32BAF081F6114FF248B2B45F7FF
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 4B36875E7DAC72E4F04A7ADFBE1EEC61
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html
Frame ID: 0AF41E9149C2E9EFA4D481F750AC5E2D
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html
Frame ID: 75CD7353E4A7414CFC838BCA062A3375
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html
Frame ID: D49F8CE9687E8553774E8832600510C8
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 67DB7D27952FA73EFB4B1F6F7133FC4A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Pajama Program Support

Page URL History Show full URLs

http://pajamaprogram.cmail19.com/t/t-l-qllgz-elykyhuty-u HTTP 302
https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campai... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

99 %
HTTPS

54 %
IPv6

23
Domains

32
Subdomains

28
IPs

4
Countries

3553 kB
Transfer

11921 kB
Size

23
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pajamaprogram.cmail19.com/t/t-l-qllgz-elykyhuty-u HTTP 302
https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

181 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.pajamaprogram.org/give/247710/
Redirect Chain

http://pajamaprogram.cmail19.com/t/t-l-qllgz-elykyhuty-u
https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

86 KB
25 KB

585ms
544ms

Document
text/html

2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbac51da4cca7f9aded23256189c307d2b9fa1148c1d48d0e1494b065486ec9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-type: text/html; charset=utf-8
cf-ray: 6e18782efe74911e-FRA
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self';
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

Date: Tue, 22 Feb 2022 13:13:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Server: _waflopenresty/1.11.2.2
Location: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222#!/donation/checkout?

GET
H2 200 main.css
prod-frs.content.classy.org/prod/15862/static/frs/ 1 MB
137 KB 76ms
43ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15862/static/frs/main.css

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8de32eaddf6935168f5339f41de7c43dbfd1d0d33baedff4178331beba61d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 12278
cf-polished: origSize=1082629
x-amz-request-id: T2P919FHNT4FSSXS
x-amz-id-2: YU5lIa95bwNoCgxpjFTOJXkY5xiYObZCCzrM07oqgoI7yGUIdrCXr998fd6ieMmwVNLxBfS8d58=
last-modified: Wed, 26 Jan 2022 18:32:42 GMT
server: cloudflare
etag: W/"8a8a1165ab59910d65f8b5b707de03d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6e187833b8668fe0-FRA
cf-bgj: minify

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 153 KB
20 KB 400ms
212ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 15:48:21 GMT
server: nginx
etag: "620fbfc5-5027"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20519

GET
H2 200 rocket-loader.min.js Show response
give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Feb 2022 13:46:32 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"620d0038-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6e1878354d1a911e-FRA
expires: Thu, 24 Feb 2022 13:13:03 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 98ms
75ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://give.pajamaprogram.org/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6e1878356dd49293-FRA

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/15862/static/onetrust/ 50 KB
12 KB 42ms
40ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15862/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10729
cf-polished: origSize=54583
x-amz-request-id: T2PAP82DP06JTZRJ
x-amz-id-2: 3v5LwVvsL3l/+ClQG3jxgsKwSdVXtBPWr5522drQeIvaBOV74M8fad0QmlqPPBcKOE8gIOo0MP8=
last-modified: Wed, 26 Jan 2022 18:32:43 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6e1878357cee8fe0-FRA
cf-bgj: minify

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 15 KB
4 KB 511ms
122ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53f02d29d8d4147a41c50b3ca5b7d3d1bd88b73df595a1f638634c464362c1c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Feb 2022 19:59:33 GMT
etag: "800ef63261dd81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Tue, 22 Feb 2022 13:13:03 GMT
accept-ranges: bytes
content-length: 3968
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 59ms
39ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10243802
fly-request-id: 01FJZFRMM9DBHPG2M766J8W1NQ
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e1878358ba56909-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/15862/static/frs/donation/ 178 KB
36 KB 43ms
41ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15862/static/frs/donation/module.min.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e68b3ce2c0a59c4be47506edd1ddacf1cca1f53d65e0684f9b78ec2b1c036e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 18:32:42 GMT
server: cloudflare
age: 12070
etag: W/"de268a2d4205e475380e94285c618110"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6e1878357cf18fe0-FRA
x-amz-request-id: T2YWWBNH395WZDDX
x-amz-id-2: Qn5dBXLuWZbBduuuMd7u5k+ki/AwLw7bPqZxJY91esyIxs0NRX8nV9GRS5ne55kk9aXYNNsnXRU=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/15862/static/global/ 2 MB
340 KB 66ms
65ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15862/static/global/module.min.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f50121d52118e6d9502faafa06b37a52ed8b728cf84bc6f2baf1398c0aacdcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 18:32:43 GMT
server: cloudflare
age: 12177
etag: W/"2af50de20b583c39a952c2027fcb9f58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6e1878357cf38fe0-FRA
x-amz-request-id: T2P77XW18DSDXM9M
x-amz-id-2: w8QYzpMAxxHDuwc68RvInrFZaapmDkd7eQWefjSiGjfZDJiTtd2kcHM9/V0sDqseW/MCTSf2/wA=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/15862/static/global/ 1 MB
430 KB 108ms
106ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15862/static/global/libs.min.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 18:32:43 GMT
server: cloudflare
age: 12177
etag: W/"772e1301b871cc2545926cb86ee5965f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6e1878357cf68fe0-FRA
x-amz-request-id: T2PED3DS2PYKZHN9
x-amz-id-2: NojNWUNUKtscMklvPQ1dj/PIJRi3/U91sAYVrPQIs1l9rzdubotL0zHR2ldJUOaAf4rkp3mLwDw=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 86 KB
30 KB 186ms
57ms Script
application/javascript 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f4225772827551ffb18122b8fbe430e812b36978dc627ee747e899a6bdfb3d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: cJxtP8Mpi0VCLcPpGPCWNcdkKS9VwLNl
content-encoding: gzip
etag: W/"bccabd8dfd89aa1e91841f206a0f8334"
age: 46594
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: PFTW33T28QR5EFRN
x-amz-id-2: fKKv4uO5qnsYFsG25g0Mv4eJ9s3pcZ6uQop4C2pXaI+L4tyYCuvtF2PiUvQGFkXYqnJzdkJ1ncs=
last-modified: Fri, 18 Feb 2022 23:39:35 GMT
server: AmazonS3
date: Tue, 22 Feb 2022 00:16:30 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 4AIBM_jYtsa2Oap4xI-CBSt-iqMHL_UcHew9ZrT5yDP3lswSk7BppQ==

GET
H2 200 / Show response
js.stripe.com/v3/ 278 KB
73 KB 174ms
45ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c9592b30f4d3f466ac0f81eaf2b5f558a593ffdba0b0662bdc1ae15af794a7ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 35
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:29 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:59:50 GMT
server: Cloudfront
etag: W/"8168879a4d2f0f2f8fe12c7b427c0172"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 6-mgqFTBtFs4Zh0tNoVtx04FDMdPLy1w55MvnKCUJIQJv_5g6RImgw==

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 422 KB
90 KB 188ms
188ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 13dcdd2fcfab982ba9e64ae2e90c6f83c2ada78324b3e0e675d1a3f3c86befee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 15:48:20 GMT
server: nginx
etag: "620fbfc4-166d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 91859

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 63ms
11ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5890
date: Tue, 22 Feb 2022 11:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 13:34:53 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 112 KB
44 KB 68ms
19ms Script
application/javascript 13.32.121.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-116.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

047dc490d80da432f27673bd2639e1784183b1a33102058256f959e7b17bea70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:11:50 GMT
content-encoding: gzip
server: nginx
age: 73
etag: W/"1c01b-3yD+QxdQOPPaKrlIVGlpIw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: RuDqa4w3qjMYAGmFtYl0Vs5xw3Q7EWSnpWEieG3cMl3lvvMIvA2t3A==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 166ms
145ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://give.pajamaprogram.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Tue, 22 Feb 2022 13:13:03 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
141 B 146ms
145ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://give.pajamaprogram.org/
Bugsnag-Sent-At: 2022-02-22T13:13:03.890Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 22 Feb 2022 13:13:04 GMT
via: 1.1 google
bugsnag-session-uuid: b317b858-adbb-4536-8a7b-1b6abdd658a2
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 sdk.js Show response
give.pajamaprogram.org/sso/ 11 KB
3 KB 52ms
52ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/sso/sdk.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

f70b05c50d20b6044717b1a0f732d9f20958482d5391450af6a1cbce1eb2e514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 671
x-powered-by: PHP/5.6.40
cf-bgj: minify
last-modified: Tue, 22 Feb 2022 13:01:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-polished: origSize=21336
cf-ray: 6e1878377a42911e-FRA
expires: Tue, 22 Feb 2022 13:21:51 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1269/ 0
41 KB 11ms
10ms Other
application/javascript 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1269/link-dynamic-loader.js
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: kL0sXYVCy2LFStCwsBfLRCsdD3WnyXX4
content-encoding: gzip
etag: W/"9cb7c6d6ccb0a7d6bb194de351f95088"
age: 46590
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:39:35 GMT
server: AmazonS3
date: Tue, 22 Feb 2022 00:16:34 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: r8ADNEjavlPWLUvZgdo-66w_8Qa-voX_GGYczBtEq_aWiqYGPlmJBA==

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 298ms
99ms Image
image/gif 54.166.193.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7314947728528119&v=8343216865016882&s=8332737361313724&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout%3F&h=%2Fgive%2F247710%2F&q=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&d=give.pajamaprogram.org&t=Pajama%20Program%20Support&us=CMemail022222&um=newsletter022222&ua=CMemail022222&ts=1645535583957&st=1645535583958

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.193.69 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-193-69.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 13:13:04 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 51ms
16ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://give.pajamaprogram.org/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1645535584.dop008.am5.t,1645535584.cds209.am5.hn,1645535584.cds006.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
give.pajamaprogram.org/sso/ssobuild/js/ 22 KB
7 KB 52ms
52ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-76d324916a22ca58----1645535584067
traceparent: 00-b39495eebc02b48f0c9f92c1506af490-76d324916a22ca58-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3NmQzMjQ5MTZhMjJjYTU4IiwidHIiOiJiMzk0OTVlZWJjMDJiNDhmMGM5ZjkyYzE1MDZhZjQ5MCIsInRpIjoxNjQ1NTM1NTg0MDY3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 672
cf-polished: origSize=35133
cf-bgj: minify
last-modified: Wed, 26 Jan 2022 18:22:02 GMT
server: cloudflare
etag: W/"61f1914a-893d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 6e1878387cfc911e-FRA
expires: Wed, 22 Feb 2023 13:01:52 GMT

GET
H2 200 m-outer-21b66fa0c573e809345fe202113a4338.html Show response
js.stripe.com/v3/ Frame 7232 240 B
961 B 26ms
25ms Document
text/html 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 240
last-modified: Tue, 15 Feb 2022 21:02:56 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 22 Feb 2022 12:25:13 GMT
cache-control: max-age=31536000
etag: "21b66fa0c573e809345fe202113a4338"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 67ODBf8w9lj2AobFdyASX1Sn6nOJc3Uw05riToNb1DttnCJAT49LOw==
age: 2886

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 23ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: B7ZSJ0XWM0C0H1SX
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: ddPlooSAo6iHXIeX5I9N1CbV2xxUBx7siumw1tQkNskJA5m+fmzIQvPt4NusldODhryvIE6w578=
x-served-by: cache-hhn4037-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1645535584.118351,VS0,VE0
date: Tue, 22 Feb 2022 13:13:04 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10546

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/15862/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 28ms
28ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15862/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10124
cf-polished: origSize=22581
x-amz-request-id: Y5N249BJPH6TA4NS
x-amz-id-2: SagmV27t/plbT93TmJwKxafopPq7T8BAXz4mjMtbbOF0GosNYGMa3obgNMXayCJyvcxw8QLhRf0=
last-modified: Wed, 26 Jan 2022 18:32:43 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6e187838ac518fe0-FRA
cf-bgj: minify

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
256 B 68ms
48ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32105562558240567281_1645535583812&_=1645535583813

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e187838caa38fc5-FRA
content-length: 32

POST
H2 200 rum Show response
give.pajamaprogram.org/cdn-cgi/ 0
195 B 21ms
20ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/cdn-cgi/rum?

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-402297d1deaf48be----1645535584129
traceparent: 00-e9cfd119537bb4fb2bc2977d6ed9bfd0-402297d1deaf48be-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0MDIyOTdkMWRlYWY0OGJlIiwidHIiOiJlOWNmZDExOTUzN2JiNGZiMmJjMjk3N2Q2ZWQ5YmZkMCIsInRpIjoxNjQ1NTM1NTg0MTI5fX0=
content-type: application/json
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://give.pajamaprogram.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6e187838ddd7911e-FRA
vary: Origin

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 33ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 13:13:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 424
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (frb/67A8)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 60ms
32ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

386d6705d2d0272a475b99ea3da6e3fa565474e45128668f6daf3b9d71ed694d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Tue, 22 Feb 2022 13:13:04 GMT

GET
H2 200 tax-entities Show response
give.pajamaprogram.org/frs-api/organizations/4660/ 394 B
307 B 564ms
564ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/frs-api/organizations/4660/tax-entities

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b88a48ad1f214ace583e35879930045fdf1d11826b8e267ed8c5e90f41e54f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: hTDTYUmj-O1P-mT-f42yMGaF5Tcy6DVHZZK8
tracestate: 423787@nr=0-1-423787-363751183-8386c3aedf35744b----1645535584309
traceparent: 00-72c42fe157d5da7adda056804603d0f0-8386c3aedf35744b-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4Mzg2YzNhZWRmMzU3NDRiIiwidHIiOiI3MmM0MmZlMTU3ZDVkYTdhZGRhMDU2ODA0NjAzZDBmMCIsInRpIjoxNjQ1NTM1NTg0MzA5fX0=
Accept: application/json, text/plain, */*
csrf-token: hTDTYUmj-O1P-mT-f42yMGaF5Tcy6DVHZZK8
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"18a-ZabhR66LiL/w584TYNEJusy535g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6e187839f92a911e-FRA
vary: Accept-Encoding

GET
H2 200 channels Show response
give.pajamaprogram.org/frs-api/campaigns/247710/ 785 B
487 B 505ms
505ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/frs-api/campaigns/247710/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef9b684542db552c977ec5fe8d61efba0d81ea6702bf90c19cd42bdb8009dead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: hTDTYUmj-O1P-mT-f42yMGaF5Tcy6DVHZZK8
tracestate: 423787@nr=0-1-423787-363751183-52f90968baa6c840----1645535584340
traceparent: 00-d40629fedb2d73db1fad83eaa1679cb0-52f90968baa6c840-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1MmY5MDk2OGJhYTZjODQwIiwidHIiOiJkNDA2MjlmZWRiMmQ3M2RiMWZhZDgzZWFhMTY3OWNiMCIsInRpIjoxNjQ1NTM1NTg0MzQwfX0=
Accept: application/json, text/plain, */*
csrf-token: hTDTYUmj-O1P-mT-f42yMGaF5Tcy6DVHZZK8
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"311-bzi7kJRBKLRYSc7Vhc9zGh/ltbg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6e18783a298d911e-FRA
vary: Accept-Encoding

GET
H2 200 ach-account-routing Show response
give.pajamaprogram.org/frs-api/organizations/4660/ 33 B
169 B 496ms
496ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/frs-api/organizations/4660/ach-account-routing

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: hTDTYUmj-O1P-mT-f42yMGaF5Tcy6DVHZZK8
tracestate: 423787@nr=0-1-423787-363751183-83b50c39c4b0d127----1645535584341
traceparent: 00-75ad9db5605c3ced69fb653602dfdb70-83b50c39c4b0d127-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4M2I1MGMzOWM0YjBkMTI3IiwidHIiOiI3NWFkOWRiNTYwNWMzY2VkNjlmYjY1MzYwMmRmZGI3MCIsInRpIjoxNjQ1NTM1NTg0MzQxfX0=
Accept: application/json, text/plain, */*
csrf-token: hTDTYUmj-O1P-mT-f42yMGaF5Tcy6DVHZZK8
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6e18783a298f911e-FRA
vary: Accept-Encoding
content-length: 33

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
804 B 508ms
439ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=11779&currency=EUR

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.pajamaprogram.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-classypay-requestid: 21b7ceca-9974-4dcd-99de-7af04308414b
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6e18783ad89391de-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 5HtCs_oQyodlVYKWNMpop2oQ6M6_BAlp_TG0OsSKQQF5omYLG9emMw==

GET
H2 200 242ccc88-8ef3-11ea-8565-0a2930b6da89.png
assets.classy.org/10528428/ 54 KB
55 KB 257ms
256ms Image
image/png 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10528428/242ccc88-8ef3-11ea-8565-0a2930b6da89.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

243bf181190f4c12bb99cd2a31d2c13fbd0fe10189c1bb1926d7935c45519452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
via: 1.1 11e8f0c61352b0b7123fef57178c7f98.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 55464
last-modified: Tue, 05 May 2020 17:09:13 GMT
server: cloudflare
etag: "9ef3039cb17d6aec0622de93dcafa4fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: public,max-age=31536000
x-amz-version-id: 6Vrl_zKERoiSzOmATduj4TZLSFEotS.M
accept-ranges: bytes
cf-ray: 6e18783a98768fe0-FRA
x-amz-cf-id: dmMvOdnxuLY-hYVurjoy-tPi01W-IHprsx8aSo0YVfQmvjjpDwtfnQ==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/15862/static/global/images/ 394 B
654 B 32ms
31ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/15862/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15862/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/15862/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
vary: Accept
cf-cache-status: HIT
age: 61660
cf-polished: origFmt=png, origSize=547
cf-ray: 6e18783a987c8fe0-FRA
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: wzefYyxLhyjEK6lyg/tKIWBRJgeo5aKY9/3mLc77RNXS/pUE7/Emrm5fBFM3FrlmgDl0/xW/f5g=
last-modified: Wed, 26 Jan 2022 18:32:43 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: F3S2MME0XXJTFVDP
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/15862/static/global/fonts/ 42 KB
43 KB 50ms
30ms Font
application/x-font-woff 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15862/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15862/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f38287ccf7092813af11fe371e87b68e6700ea5d070496c4c4102a2d13216c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/15862/static/frs/main.css
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 51284
cf-ray: 6e18783acccc91d8-FRA
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43184
x-amz-id-2: IHtDyXHAph8pNZRduTgoXpMklebbECWMdleHghbpPEJOJ2EuFColOF22IwwzGifn9JjcgTnpuuA=
last-modified: Wed, 26 Jan 2022 18:32:43 GMT
server: cloudflare
etag: "cc850467987ad4e84c954c158a67a4ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
x-amz-request-id: 8J21YXXGF8MKA8JK
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-type: application/x-font-woff

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/15862/static/fonts/ 65 KB
66 KB 107ms
87ms Font
binary/octet-stream 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15862/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15862/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/15862/static/frs/main.css
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 51284
cf-ray: 6e18783accd491d8-FRA
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 66624
x-amz-id-2: KrpwsLti8eYS9wH376CsXv5HleRmw+O57Irsn5Bhjq1ze6/HnfR0WMJWBhIZNLry6nDV8SiFFDQ=
last-modified: Wed, 26 Jan 2022 18:32:42 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
x-amz-request-id: 8J28KMVC13KQG8DK
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 currency-conversions Show response
give.pajamaprogram.org/frs-api/i18n/ 73 B
437 B 218ms
217ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6fd79ce5eb8933f0a04cd1f999ac74d16606a81881b9c93c5d50f9b065a51da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: hTDTYUmj-O1P-mT-f42yMGaF5Tcy6DVHZZK8
tracestate: 423787@nr=0-1-423787-363751183-bb4298aa2b28eefe----1645535584504
traceparent: 00-d4f38d86fdba8fcfbfe9985751302800-bb4298aa2b28eefe-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiYjQyOThhYTJiMjhlZWZlIiwidHIiOiJkNGYzOGQ4NmZkYmE4ZmNmYmZlOTk4NTc1MTMwMjgwMCIsInRpIjoxNjQ1NTM1NTg0NTA0fX0=
Accept: application/json, text/plain, */*
csrf-token: hTDTYUmj-O1P-mT-f42yMGaF5Tcy6DVHZZK8
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"49-ZEHkgymcpi3yTikJBLtkiCDjsHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6e18783b2c43911e-FRA
vary: Accept-Encoding

GET
H2 200 user-icon.png
give.pajamaprogram.org/static/global/images/ 2 KB
2 KB 37ms
37ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.pajamaprogram.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 671
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
cf-bgj: imgq:85,h2pri
content-length: 2024
last-modified: Wed, 26 Jan 2022 18:28:22 GMT
server: cloudflare
etag: "61f192c6-11ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e18783b3c4f911e-FRA
expires: Wed, 22 Feb 2023 13:01:53 GMT

GET
H2 200 f357235c-ca9d-11e9-8206-0aa1293d7886.png
assets.classy.org/10528443/ 19 KB
19 KB 798ms
798ms Image
image/png 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10528443/f357235c-ca9d-11e9-8206-0aa1293d7886.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07bc0baec6b2902f57553499b92eebf4789530923d152c1355ffd18c81a36a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
via: 1.1 e6c9a537bd3796ea580cf02a62b7c246.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-length: 19270
last-modified: Thu, 29 Aug 2019 20:45:36 GMT
server: cloudflare
etag: "64c6b9c46ab5a6dfca75c5eb844458f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: public,max-age=31536000
x-amz-version-id: xQ_35mHLfMSn9cP2JVaa5c60L8b7EsQP
accept-ranges: bytes
cf-ray: 6e18783b39c98fe0-FRA
x-amz-cf-id: imMnA6nLz9Q4EGDzNhNqgUmb1fOqF2rxGoEO0UYTQ0fTCIcJkkr5cA==

GET
H2 200 5810ba18-caa5-11e9-a94a-0e4b4b71fd08.png
assets.classy.org/10528443/ 26 KB
26 KB 262ms
261ms Image
image/png 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10528443/5810ba18-caa5-11e9-a94a-0e4b4b71fd08.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d752ebf9dc66ad44c88f5a0ad523d1f3cfd5280a66843917a6e86146cafe24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
via: 1.1 e524b8092e2dda964664df0dfa35341a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: HEL50-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 26347
last-modified: Thu, 29 Aug 2019 21:38:32 GMT
server: cloudflare
etag: "e580413d6ca220992c148862195b2fe6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: public,max-age=31536000
x-amz-version-id: n_LOFDEgdPeyqaYybNE0c_y5oog2K3VJ
accept-ranges: bytes
cf-ray: 6e18783b39cd8fe0-FRA
x-amz-cf-id: O-sbeYWjWkISXgp0DxA6OhBGygZ6jVMIz3v3dSJrbsNFvlfkQzGD8A==

POST
H2 200 rum Show response
give.pajamaprogram.org/cdn-cgi/ 0
77 B 21ms
21ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/cdn-cgi/rum?

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-67e0139a8865995f----1645535584514
traceparent: 00-eb0b6eb31f78d5ea6ed47bc3d4b140f0-67e0139a8865995f-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2N2UwMTM5YTg4NjU5OTVmIiwidHIiOiJlYjBiNmViMzFmNzhkNWVhNmVkNDdiYzNkNGIxNDBmMCIsInRpIjoxNjQ1NTM1NTg0NTE0fX0=
content-type: application/json
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://give.pajamaprogram.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6e18783b4c89911e-FRA
vary: Origin

POST
H2 200 csp-report
q.stripe.com/ Frame 7232 0
357 B 539ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 102ms
101ms Image
image/gif 54.166.193.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7314947728528119&v=7727487079352693&s=8332737361313724&b=web&tv=4.0&z=2&g=%23!%2Fdonation%2Fcheckout&h=%2Fgive%2F247710%2F&q=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&d=give.pajamaprogram.org&t=Donate%20to%20Pajama%20Program%20Support&us=CMemail022222&um=newsletter022222&ua=CMemail022222&ts=1645535584537&pr=%2Fgive%2F247710%2F&sp=z&sp=0&sp=us&sp=CMemail022222&sp=um&sp=newsletter022222&sp=ua&sp=CMemail022222&sp=ts&sp=1645535583957&sp=d&sp=give.pajamaprogram.org&sp=h&sp=%2Fgive%2F247710%2F&sp=t&sp=Pajama%20Program%20Support&sp=q&sp=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&sp=g&sp=%23!%2Fdonation%2Fcheckout%3F&st=1645535584538

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.193.69 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-193-69.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 13:13:04 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 58ms
27ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fa553b3ca22c21a48fb04341944ed72eff3fc14e3bee039d4f92dccfb270bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 13:04:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 13:13:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 13:13:04 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
476 B 375ms
375ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=11779&currency=EUR

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc59be87f4a2ff16a6949d08b4405d1223bca5e6109b65f8d350733faf11c13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.pajamaprogram.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-classypay-requestid: 940e0182-103a-417d-b17c-2c1f103e56a1
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6e18783b7a9491de-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: UMfw_YzLmFzKuSh5FW9qzrzxpOOPxd19biZolwsHENN_3t_tWjn_mQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
152 B 24ms
23ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=685329099&t=timing&_s=1&dl=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&ul=en-us&de=UTF-8&dt=Donate%20to%20Pajama%20Program%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1645535584168&utt=58&_u=aGDACEABBAAAAC~&jid=1706461499&gjid=844743190&cid=1715872647.1645535584&tid=UA-3837893-1&_gid=727678510.1645535584&_r=1&_slc=1&cd1=4660&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=247710&cd6=campaign&cd11=recurring%20optimization&z=466157393

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.pajamaprogram.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 13:13:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.pajamaprogram.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=685329099&t=timing&_s=2&dl=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&ul=en-us&de=UTF-8&dt=Donate%20to%20Pajama%20Program%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1645535584168&utt=602&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1715872647.1645535584&tid=UA-3837893-1&_gid=727678510.1645535584&cd1=4660&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=247710&cd6=campaign&cd11=recurring%20optimization&z=941574886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 18:52:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=685329099&t=timing&_s=3&dl=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&ul=en-us&de=UTF-8&dt=Donate%20to%20Pajama%20Program%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1645535584168&utt=1068&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1715872647.1645535584&tid=UA-3837893-1&_gid=727678510.1645535584&cd1=4660&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=247710&cd6=campaign&cd11=recurring%20optimization&z=353918813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 18:52:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 9ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=685329099&t=timing&_s=4&dl=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&ul=en-us&de=UTF-8&dt=Donate%20to%20Pajama%20Program%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1645535584168&utt=1205&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1715872647.1645535584&tid=UA-3837893-1&_gid=727678510.1645535584&cd1=4660&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=247710&cd6=campaign&cd11=recurring%20optimization&z=322528114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 18:52:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 9ms
9ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=685329099&t=timing&_s=5&dl=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&ul=en-us&de=UTF-8&dt=Donate%20to%20Pajama%20Program%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1645535584168&utt=2052&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1715872647.1645535584&tid=UA-3837893-1&_gid=727678510.1645535584&cd1=4660&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=247710&cd6=campaign&cd11=recurring%20optimization&z=1336338938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 18:52:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 106ms
102ms Image
image/gif 54.166.193.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1645535584572&hv=4.17.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.193.69 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-193-69.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 13:13:04 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 status Show response
give.pajamaprogram.org/sso/ 89 B
1 KB 476ms
475ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.pajamaprogram.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33108394673580371268_1645535584063&_=1645535584064

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

dfaa563d8ac1afca316a84c3e4885470aa5dbb2b4d1e7e35f64ae78644082c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-599c8a4225780872----1645535584588
traceparent: 00-fa04d5462b38ec73845b9cefd9ab4db0-599c8a4225780872-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1OTljOGE0MjI1NzgwODcyIiwidHIiOiJmYTA0ZDU0NjJiMzhlYzczODQ1YjljZWZkOWFiNGRiMCIsInRpIjoxNjQ1NTM1NTg0NTg4fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
X-Requested-With: XMLHttpRequest

Response headers

cf-ray: 6e18783bbd87911e-FRA
date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 93ms
26ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3837893-1&cid=1715872647.1645535584&jid=1706461499&gjid=844743190&_gid=727678510.1645535584&_u=aGDACEAABAAAAC~&z=1070297040

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.pajamaprogram.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Feb 2022 13:13:04 GMT
content-type: text/plain
access-control-allow-origin: https://give.pajamaprogram.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 490ms
468ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/67fe2a1b26?a=363721230&v=1215.1253ab8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=2107&ck=1&ref=https://give.pajamaprogram.org/give/247710/&ap=201.509546&be=1196&fe=1606&dc=1603&tt=ec84512b9e1680&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1645535582491,%22n%22:0,%22f%22:17,%22dn%22:18,%22dne%22:18,%22c%22:18,%22s%22:24,%22ce%22:58,%22rq%22:58,%22rp%22:602,%22rpe%22:1068,%22dl%22:605,%22di%22:1070,%22ds%22:1174,%22de%22:1174,%22dc%22:1193,%22l%22:1193,%22le%22:1205%7D,%22navigation%22:%7B%7D%7D&fp=2056&fcp=2056&jsonp=NREUM.setToken
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 13:13:05 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6e18783becbc9256-FRA

GET
H2 200 m-outer-5c4150bc004c99291dfd234a82c582e0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7232 1 KB
1 KB 17ms
17ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 35
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:34 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 21:03:02 GMT
server: Cloudfront
etag: W/"d0c7e21ec457b6a134a496f107c3ca93"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: tsvww4u7Hg898YxNQlTylgLTEpknGGClHAXds6mtFVTy6gW1kLNllg==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/c3125ad0/www-widgetapi.vflset/ 147 KB
47 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ab26c49efdbbeca6567e183ca38ad41691979e324b377d7a2328b44e0d23e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 09:24:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48596
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Feb 2023 09:24:18 GMT

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 947E 319 KB
104 KB 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fgive.pajamaprogram.org
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 480800
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Feb 2022 13:13:04 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67A8)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 257A 932 B
1 KB 52ms
22ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Feb 2022 13:13:04 GMT
via: 1.1 varnish
age: 33
x-request-id: 0f6ca108-ae7c-47b7-a289-72ae08eb2ed6
x-served-by: cache-hhn4049-HHN
x-cache: HIT
x-cache-hits: 54
x-timer: S1645535585.686904,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 47ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 09:01:53 GMT
x-content-type-options: nosniff
age: 533471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 09:01:53 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 54ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 09:01:53 GMT
x-content-type-options: nosniff
age: 533471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 09:01:53 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 59ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 09:01:53 GMT
x-content-type-options: nosniff
age: 533471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 09:01:53 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v10/ 28 KB
29 KB 71ms
37ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 21:12:13 GMT
x-content-type-options: nosniff
age: 576051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 21:12:13 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v10/ 28 KB
29 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 21:12:13 GMT
x-content-type-options: nosniff
age: 576051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 21:12:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 09:01:53 GMT
x-content-type-options: nosniff
age: 533471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 09:01:53 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 27 KB
27 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.pajamaprogram.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 09:01:53 GMT
x-content-type-options: nosniff
age: 533471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 09:01:53 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 257A 0
130 B 331ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:04 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
713 B 428ms
428ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=11779&currency=EUR

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc59be87f4a2ff16a6949d08b4405d1223bca5e6109b65f8d350733faf11c13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.pajamaprogram.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: PRG50-C1
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=2nfUCAXGuY.AxiZFSX2Wfh8lCVmAJrQZnie_cbDEz18-1645535585-0-Aa8Zhh7jUatUD2KYE7-WRHc5H162hKR2ccQy1jO8sdI9yhQN04c3lJL7WIKSjFvG5Y6gqk0cNVr9Nglt4-JPtDY
x-cache: Miss from cloudfront
x-classypay-requestid: af872e67-8ea6-4f1c-81a0-8202ede6a59b
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6e18783cde9d91de-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: kGeDGh5I-Vhb6AQN-T-3HmFREfaZALpDLCWPL9uzOzpXhCxsUFy6ew==

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 257A 85 KB
16 KB 42ms
41ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37
x-cache: HIT
content-length: 15786
x-request-id: ccfb3a8c-b7a1-4cad-9bcb-644e147ed212
x-served-by: cache-hhn4049-HHN
server: Fastly
x-timer: S1645535585.789772,VS0,VE0
date: Tue, 22 Feb 2022 13:13:04 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 64

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 947E 232 B
447 B 192ms
117ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=93805609992175d5a8237d9098058bf21d5a1c71

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fgive.pajamaprogram.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 22 Feb 2022 13:13:04 GMT
content-encoding: gzip
last-modified: Tue, 22 Feb 2022 13:13:04 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: e4137c52e3cb1ce731f9a2d4e581c192be2c3fbaf2e753a7979f8678acd938c3
content-length: 166

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
414 B 496ms
495ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=11779&currency=EUR

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.pajamaprogram.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-classypay-requestid: 15a43ffe-e557-4ef9-8ac3-500dd99a0277
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6e18783dd9a291de-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 9vEMfcygccKruVsReY1bzPGol4_vULMmRcWvQ3FvRncnqpY1qaIBhw==

POST
H2 200 6 Show response
m.stripe.com/ Frame 257A 156 B
523 B 545ms
180ms XHR
application/json 34.209.192.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.192.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-192-116.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9992e36b8bfeae13891e71349328a5e900f4c4e9db71ac738de0a5260e0c83cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 controller-1d0b1f96bba543b07af5eecaa32a34c5.html Show response
js.stripe.com/v3/ Frame BAB5 349 B
1 KB 17ms
16ms Document
text/html 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5526409ef24c774ab83b7af2eaebf092681f7ca54e3662e6f11ebe879509ff9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 349
last-modified: Fri, 18 Feb 2022 17:41:21 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 22 Feb 2022 13:12:35 GMT
cache-control: max-age=60
etag: "1d0b1f96bba543b07af5eecaa32a34c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: CPau01asw5ojkehVbJ8PueqRhGP73FH6bjapkQQNnxeuDkrpA_cMSg==
age: 36

GET
H2 200 payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html Show response
js.stripe.com/v3/ Frame B77E 434 B
1 KB 18ms
18ms Document
text/html 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7365a0b729f2e32fa018fe0f5b77b0707384e262e6efcd6a656264c7f343a60a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 434
last-modified: Fri, 18 Feb 2022 17:41:21 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 22 Feb 2022 13:13:04 GMT
cache-control: max-age=60
etag: "e09938a9a4cdde00fb1d311972d0f38d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: XBxIsjimGPwcK8MQFIG2wKwCaMQ-1ql1A2rnvlnAFDZhcck_uisKnA==
age: 23

GET
H2 200 payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html Show response
js.stripe.com/v3/ Frame 31DB 370 B
1 KB 16ms
16ms Document
text/html 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

54edc851fe7dcf19cf457a78d792c5b5b7221fb4544eef4cc026ec8a34820455

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 370
last-modified: Fri, 18 Feb 2022 17:41:21 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 22 Feb 2022 13:13:02 GMT
cache-control: max-age=60
etag: "ad374c3654b8ddaa717bfcf79d1b258a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: LmIE4EC3Hcs72j_Ee4Ufw7jmO9OZEvri1RbGvaaQtJZ2O1WBtOGzLw==
age: 5

POST
H2 200 csp-report
q.stripe.com/ Frame BAB5 0
356 B 179ms
179ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 0
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 shared-5973bbc216e5ba0f742ba1de1a16e20c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BAB5 205 KB
55 KB 24ms
21ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8f39f110ba515128e3a9726e1487126ed268890377996d933c20661e12983fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:19 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:40:55 GMT
server: Cloudfront
etag: W/"1f85f7af6e9d668afdf21e9e3fdbbba1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 77cHBfokSXGFfChUDti4zH0oftTBLbC3RtKFPwQ8iEPbar1dcR3ZIA==

GET
H2 200 controller-3c8120d2df9af5305e558fb425f856c0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BAB5 325 KB
90 KB 31ms
29ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-3c8120d2df9af5305e558fb425f856c0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

322d5c0073bf656509fa530a66fdf13cd33f0c29ed849cf9988f78a4c17432c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 14
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:56 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 18:54:43 GMT
server: Cloudfront
etag: W/"99752ca512a0a4a9657dc1d2f24f085d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: GoqSsGr_bHi29DwrJQNu_HWN21Zh9c9uZub3vmWjZLrU6WpC3mDEUA==

POST
H2 200 csp-report
q.stripe.com/ Frame 31DB 0
356 B 179ms
178ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B77E 0
356 B 243ms
242ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 shared-5973bbc216e5ba0f742ba1de1a16e20c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 31DB 205 KB
55 KB 36ms
35ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8f39f110ba515128e3a9726e1487126ed268890377996d933c20661e12983fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:19 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:40:55 GMT
server: Cloudfront
etag: W/"1f85f7af6e9d668afdf21e9e3fdbbba1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: zz_d3pbeNFsljD0PAAwp5yQiQvqOYVyPnGeP1n20jik05rx-A0bi6w==

GET
H2 200 payment-request-inner-browser-831f2bb780211708cca40d76323d4e01.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 31DB 11 KB
5 KB 52ms
51ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-831f2bb780211708cca40d76323d4e01.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d1ffaa080eb9d71e5964528904fc379fe0f165dcaf692f7b913a87ac82e7f442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:13:05 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 21:03:03 GMT
server: Cloudfront
etag: W/"7ca5ce7ebde53080a37ab4d412a3dd11"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: C33S9Fd66IMYu1dBExnkKYXOggh08MzCNHp6FPfuBmw7DbFhLAvSdA==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame B77E 95 KB
31 KB 134ms
70ms Script
application/javascript 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-LMwAksZ53Z8hYWxjSW0itw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-LMwAksZ53Z8hYWxjSW0itw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-LMwAksZ53Z8hYWxjSW0itw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-LMwAksZ53Z8hYWxjSW0itw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
expires: Tue, 22 Feb 2022 13:13:05 GMT

GET
H2 200 shared-5973bbc216e5ba0f742ba1de1a16e20c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B77E 205 KB
55 KB 43ms
43ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8f39f110ba515128e3a9726e1487126ed268890377996d933c20661e12983fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:19 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:40:55 GMT
server: Cloudfront
etag: W/"1f85f7af6e9d668afdf21e9e3fdbbba1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: nYfl7RsRLvsmy5YSsH7Ow6N9xrTbUAPFMF8BZDaY18xczc7IDmN9mg==

GET
H2 200 payment-request-inner-google-pay-082974f287ec01f45f784410dd463699.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B77E 13 KB
5 KB 52ms
52ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-082974f287ec01f45f784410dd463699.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

23d996d9465f3afc9872ed60ec2d5ab1c66755af8822d2b84661879a5b6c165b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:13:05 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 21:03:13 GMT
server: Cloudfront
etag: W/"829969a813e0855566955ae1edfaf706"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 1Wt4FJexR6_g6w0MfSEZSOtMK2AoWgZDnhrPVWw88RjtGKdzrDxK4w==

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 189ms
180ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 100ms
100ms Image
image/gif 54.166.193.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7314947728528119&v=7727487079352693&s=8332737361313724&b=web&tv=4.0&sp=us&sp=CMemail022222&sp=um&sp=newsletter022222&sp=ua&sp=CMemail022222&sp=ts&sp=1645535583957&sp=d&sp=give.pajamaprogram.org&sp=h&sp=%2Fgive%2F247710%2F&sp=q&sp=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&sp=g&sp=%23!%2Fdonation%2Fcheckout%3F&pp=d&pp=give.pajamaprogram.org&pp=q&pp=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&pp=h&pp=%2Fgive%2F247710%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Pajama%20Program%20Support&pp=ts&pp=1645535584537&pp=pr&pp=%2Fgive%2F247710%2F&id0=6957566008104655&k0=environment&k0=prod&k0=organization_id&k0=4660&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=247710&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222%23!%2Fdonation%2Fcheckout&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1645535585088&st=1645535585091

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.193.69 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-193-69.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 181ms
180ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 179ms
179ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 179ms
179ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 179ms
179ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 240ms
240ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 240ms
240ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 240ms
240ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 239ms
239ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 230ms
229ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=685329099&t=pageview&_s=1&dl=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&dp=%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=839600934&gjid=1019414948&cid=1715872647.1645535584&tid=UA-55073423-1&_gid=727678510.1645535584&_r=1&_slc=1&z=690346201

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.pajamaprogram.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 13:13:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.pajamaprogram.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=685329099&t=pageview&_s=6&dl=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&dp=%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1715872647.1645535584&tid=UA-3837893-1&_gid=727678510.1645535584&cd1=4660&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=247710&cd6=campaign&cd11=recurring%20optimization&z=1109486218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 10:49:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8623
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 4B36 18 KB
7 KB 95ms
72ms Document
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18c4d2274a0d80762563340b18809e955a2c0726486ddf03c74d99394c104a00

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-uY5DzREE02Y1BepdSo9qnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-uY5DzREE02Y1BepdSo9qnQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Tue, 22 Feb 2022 13:13:05 GMT
date: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-uY5DzREE02Y1BepdSo9qnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-uY5DzREE02Y1BepdSo9qnQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 controller-1d0b1f96bba543b07af5eecaa32a34c5.html Show response
js.stripe.com/v3/ Frame 0AF4 349 B
1 KB 18ms
18ms Document
text/html 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5526409ef24c774ab83b7af2eaebf092681f7ca54e3662e6f11ebe879509ff9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 349
last-modified: Fri, 18 Feb 2022 17:41:21 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 22 Feb 2022 13:12:35 GMT
cache-control: max-age=60
etag: "1d0b1f96bba543b07af5eecaa32a34c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: K2PDhZYMPTZ4d9nFWsDi07TGO3uXK1LTCqxAWB6S9JwA2uQAQrEQIA==
age: 37

GET
H2 200 payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html Show response
js.stripe.com/v3/ Frame 75CD 434 B
1 KB 19ms
19ms Document
text/html 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7365a0b729f2e32fa018fe0f5b77b0707384e262e6efcd6a656264c7f343a60a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 434
last-modified: Fri, 18 Feb 2022 17:41:21 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 22 Feb 2022 13:13:04 GMT
cache-control: max-age=60
etag: "e09938a9a4cdde00fb1d311972d0f38d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: osHCoEhHl0Oqmx3jbJgz2aXxNUAXgocuTQatstIOmecWnEo1SIMyyA==
age: 24

GET
H2 200 payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html Show response
js.stripe.com/v3/ Frame D49F 370 B
1 KB 18ms
18ms Document
text/html 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

54edc851fe7dcf19cf457a78d792c5b5b7221fb4544eef4cc026ec8a34820455

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 370
last-modified: Fri, 18 Feb 2022 17:41:21 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 22 Feb 2022 13:13:02 GMT
cache-control: max-age=60
etag: "ad374c3654b8ddaa717bfcf79d1b258a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: l3lahhtqb0yzFdJqGZGCMnGsl5MCRbtOLNLscfOFv6tAblwnW4S_6g==
age: 6

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=685329099&t=timing&_s=7&dl=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&dp=%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1645535584168&utt=2819&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1715872647.1645535584&tid=UA-3837893-1&_gid=727678510.1645535584&cd1=4660&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=247710&cd6=campaign&cd11=recurring%20optimization&z=1582707020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 10:49:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8623
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 4B36 2 KB
2 KB 20ms
20ms Other
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 4B36 148 KB
53 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22295c31a0aecd95a39aae4feeb8e3857ea6c53b2bfe79724a2d9c3d71f7cd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53162
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 06:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:24 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 0AF4 0
356 B 178ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D49F 0
356 B 176ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 0
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 75CD 0
356 B 176ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 shared-5973bbc216e5ba0f742ba1de1a16e20c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0AF4 205 KB
55 KB 23ms
22ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8f39f110ba515128e3a9726e1487126ed268890377996d933c20661e12983fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:19 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:40:55 GMT
server: Cloudfront
etag: W/"1f85f7af6e9d668afdf21e9e3fdbbba1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: yvr3l-buh-KyoqqIymVhhqidiQ4lmuSzwA0bIGir6UuGL78Dc4D8wQ==

GET
H2 200 controller-3c8120d2df9af5305e558fb425f856c0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0AF4 325 KB
90 KB 37ms
36ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-3c8120d2df9af5305e558fb425f856c0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

322d5c0073bf656509fa530a66fdf13cd33f0c29ed849cf9988f78a4c17432c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1d0b1f96bba543b07af5eecaa32a34c5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 14
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:56 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 18:54:43 GMT
server: Cloudfront
etag: W/"99752ca512a0a4a9657dc1d2f24f085d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 7r3PYuNarSs8pqBiAHVz69TuA9c94RADPDNVub1qRg3NojD_ONBubw==

GET
H2 200 shared-5973bbc216e5ba0f742ba1de1a16e20c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D49F 205 KB
55 KB 30ms
29ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8f39f110ba515128e3a9726e1487126ed268890377996d933c20661e12983fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:19 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:40:55 GMT
server: Cloudfront
etag: W/"1f85f7af6e9d668afdf21e9e3fdbbba1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: lbd13OolNQHp2FU0-XymCAKcH7x3Phu5w-LnUUPUj2bKOqNm0H7nrA==

GET
H2 200 payment-request-inner-browser-831f2bb780211708cca40d76323d4e01.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D49F 11 KB
5 KB 33ms
32ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-831f2bb780211708cca40d76323d4e01.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d1ffaa080eb9d71e5964528904fc379fe0f165dcaf692f7b913a87ac82e7f442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad374c3654b8ddaa717bfcf79d1b258a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:13:05 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 21:03:03 GMT
server: Cloudfront
etag: W/"7ca5ce7ebde53080a37ab4d412a3dd11"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: xAVRIg7ELRE6HvX9LaCmhjKThvANpvzrpl5jXWdXF8YWjNIDB4g5lQ==

GET
H3 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 75CD 95 KB
30 KB 73ms
72ms Script
application/javascript 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pgW7++gtyvMr3tFpPQzoww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-pgW7++gtyvMr3tFpPQzoww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-pgW7++gtyvMr3tFpPQzoww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-pgW7++gtyvMr3tFpPQzoww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

GET
H2 200 shared-5973bbc216e5ba0f742ba1de1a16e20c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 75CD 205 KB
55 KB 44ms
43ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8f39f110ba515128e3a9726e1487126ed268890377996d933c20661e12983fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:12:19 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:40:55 GMT
server: Cloudfront
etag: W/"1f85f7af6e9d668afdf21e9e3fdbbba1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: rmSgOkwisYRqyav8pQYamRXKI-A32WZZD8RQIRrb0HUXR_yc2sV1kQ==

GET
H2 200 payment-request-inner-google-pay-082974f287ec01f45f784410dd463699.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 75CD 13 KB
5 KB 48ms
48ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-082974f287ec01f45f784410dd463699.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

23d996d9465f3afc9872ed60ec2d5ab1c66755af8822d2b84661879a5b6c165b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-e09938a9a4cdde00fb1d311972d0f38d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:13:05 GMT
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 21:03:13 GMT
server: Cloudfront
etag: W/"829969a813e0855566955ae1edfaf706"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: PMXKWMVCUAZG_wkRFtc5smTCCyIdOcGGp25rzVjdcYt-30mHr3MsQQ==

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Tfx... Frame 4B36 36 KB
13 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7cede27c1fa39109e87c633ea5c28af04958c51ffaf830033103a1bd912e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:25 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 181ms
179ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Tfx... Frame 4B36 74 KB
27 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e569c0e6d9c023bf7d2064a1dec564bb4e34c47c6673698eb6a5d897ed39756a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27788
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:25 GMT

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 67DB 18 KB
7 KB 77ms
77ms Document
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

795236b60db63ddf35fa24072cb0e9e05501d81e326a8cb7391f39951344df62

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-D/Y2wyvUH/nDMkheoBpgDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-D/Y2wyvUH/nDMkheoBpgDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Tue, 22 Feb 2022 13:13:05 GMT
date: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-D/Y2wyvUH/nDMkheoBpgDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-D/Y2wyvUH/nDMkheoBpgDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
cross-origin-resource-policy: same-site
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 180ms
180ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 180ms
180ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 180ms
180ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 179ms
179ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 180ms
180ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 181ms
181ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 181ms
181ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 180ms
180ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/events/1/ 24 B
510 B 567ms
567ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1215.1253ab8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3014&ck=1&ref=https://give.pajamaprogram.org/give/247710/
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://give.pajamaprogram.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 22 Feb 2022 13:13:06 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://give.pajamaprogram.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6e1878417ac09256-FRA
Content-Length: 24

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4B36 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5892
date: Tue, 22 Feb 2022 11:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 13:34:53 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 4B36 1 MB
344 KB 71ms
70ms XHR
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2e32c215d515f6f99109fef7bcaee0dacc056bd75d4b907e944ca794a7230bf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-vZDFFAiKv8dxvgEDyU7sSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-vZDFFAiKv8dxvgEDyU7sSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Tue, 22 Feb 2022 13:13:05 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-vZDFFAiKv8dxvgEDyU7sSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-vZDFFAiKv8dxvgEDyU7sSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
expires: Tue, 22 Feb 2022 13:13:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B36 131 B
155 B 40ms
22ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 49ms
16ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4B36 131 B
155 B 38ms
22ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
17ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 41ms
17ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4B36 131 B
155 B 37ms
21ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B36 131 B
155 B 35ms
20ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 35ms
19ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 27ms
17ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4B36 131 B
155 B 39ms
22ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Tfx... Frame 4B36 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdfcccbfff6c7d47974f77973e50275cbdc2e39293c12bbec2259b4e7a8c782a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7186
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:27 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Tfx... Frame 4B36 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c25c40e6aa89abacee9520bfd7862bf4862201135d5999f44510281053c7ec6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3345
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B36 131 B
155 B 57ms
46ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 17ms
17ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 178ms
178ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 177ms
177ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 67DB 2 KB
2 KB 22ms
22ms Other
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 179ms
177ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 185ms
182ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 67DB 148 KB
52 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22295c31a0aecd95a39aae4feeb8e3857ea6c53b2bfe79724a2d9c3d71f7cd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53162
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 06:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:24 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B36 131 B
155 B 38ms
23ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 186ms
186ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 99ms
97ms Image
image/gif 54.166.193.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7314947728528119&v=7727487079352693&s=8332737361313724&b=web&tv=4.0&sp=us&sp=CMemail022222&sp=um&sp=newsletter022222&sp=ua&sp=CMemail022222&sp=ts&sp=1645535583957&sp=d&sp=give.pajamaprogram.org&sp=h&sp=%2Fgive%2F247710%2F&sp=q&sp=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&sp=g&sp=%23!%2Fdonation%2Fcheckout%3F&pp=d&pp=give.pajamaprogram.org&pp=q&pp=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&pp=h&pp=%2Fgive%2F247710%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Pajama%20Program%20Support&pp=ts&pp=1645535584537&pp=pr&pp=%2Fgive%2F247710%2F&id0=7410211946837535&k0=environment&k0=prod&k0=organization_id&k0=4660&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=247710&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1645535585593&st=1645535585593

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.193.69 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-193-69.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
give.pajamaprogram.org/static/global/images/digitalWallets/ 3 KB
1 KB 482ms
480ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.pajamaprogram.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 13:13:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 18:28:22 GMT
server: cloudflare
etag: W/"61f192c6-b41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6e1878420c3d911e-FRA
expires: Wed, 22 Feb 2023 13:13:05 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Tfx... Frame 67DB 36 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7cede27c1fa39109e87c633ea5c28af04958c51ffaf830033103a1bd912e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:25 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Tfx... Frame 67DB 74 KB
27 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e569c0e6d9c023bf7d2064a1dec564bb4e34c47c6673698eb6a5d897ed39756a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27788
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:25 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 67DB 49 KB
20 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5892
date: Tue, 22 Feb 2022 11:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 13:34:53 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 67DB 1 MB
344 KB 74ms
73ms XHR
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e23f4a1a49a2f1109df56d7719004e5f04f84fec3c3f9a6bb2849c1f00bf4a7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-oIrjZO+xcbXAIW68BBT1yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-oIrjZO+xcbXAIW68BBT1yQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Tue, 22 Feb 2022 13:13:05 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-oIrjZO+xcbXAIW68BBT1yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-oIrjZO+xcbXAIW68BBT1yQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
expires: Tue, 22 Feb 2022 13:13:05 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 42ms
20ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 67DB 131 B
155 B 32ms
31ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame 67DB 131 B
155 B 32ms
31ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 32ms
21ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 67DB 131 B
155 B 26ms
26ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 36ms
29ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 23ms
21ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 67DB 131 B
155 B 44ms
43ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame 67DB 131 B
155 B 25ms
25ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 27ms
26ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Tfx... Frame 67DB 17 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdfcccbfff6c7d47974f77973e50275cbdc2e39293c12bbec2259b4e7a8c782a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7186
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:27 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Tfx... Frame 67DB 8 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TfxKO9UPDQ4.L.B1.O/am=DQAE/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjZGRjOINLfhDGLpokJzKKzg_Nk8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c25c40e6aa89abacee9520bfd7862bf4862201135d5999f44510281053c7ec6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 17:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3345
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 21:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 17:28:27 GMT

POST log
play.google.com/ Frame 67DB 0
0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 23ms
23ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 22 Feb 2022 13:13:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Feb 2022 13:13:05 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 184ms
184ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 179ms
179ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 104ms
103ms Image
image/gif 54.166.193.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7314947728528119&v=7727487079352693&s=8332737361313724&b=web&tv=4.0&sp=us&sp=CMemail022222&sp=um&sp=newsletter022222&sp=ua&sp=CMemail022222&sp=ts&sp=1645535583957&sp=d&sp=give.pajamaprogram.org&sp=h&sp=%2Fgive%2F247710%2F&sp=q&sp=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&sp=g&sp=%23!%2Fdonation%2Fcheckout%3F&pp=d&pp=give.pajamaprogram.org&pp=q&pp=%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222&pp=h&pp=%2Fgive%2F247710%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Pajama%20Program%20Support&pp=ts&pp=1645535584537&pp=pr&pp=%2Fgive%2F247710%2F&id0=7694807627270352&k0=environment&k0=prod&k0=organization_id&k0=4660&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=247710&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1645535585780&st=1645535585780

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.193.69 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-193-69.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 13:13:05 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 0 Show response
r.stripe.com/ Frame 0AF4 0
127 B 181ms
180ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 log Show response
play.google.com/ Frame 67DB 131 B
155 B 23ms
23ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.H2-pKvwVbpM.es5.O/am=DQAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriMR75EzLZnStbz-Fk_Qk2f9gbF1A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:05 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 22 Feb 2022 13:13:05 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 257A 156 B
522 B 210ms
194ms XHR
application/json 34.209.192.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.192.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-192-116.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9992e36b8bfeae13891e71349328a5e900f4c4e9db71ac738de0a5260e0c83cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 13:13:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-79a96411cda1ad4b6763ce22787d473d.js Show response
js.stripe.com/v3/fingerprinted/js/ 172 B
669 B 27ms
27ms Script
application/javascript 65.9.78.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-79a96411cda1ad4b6763ce22787d473d.js

Requested by

Host: give.pajamaprogram.org
URL: https://give.pajamaprogram.org/give/247710/?utm_source=CMemail022222&utm_medium=newsletter022222&utm_campaign=CMemail022222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-17.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

44817c16b84ba3d2522ea47f3b6c94758f334739fbe91443e0e3a2085f637022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.pajamaprogram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 22
x-cache: Hit from cloudfront
date: Tue, 22 Feb 2022 13:13:10 GMT
content-length: 172
last-modified: Mon, 07 Feb 2022 21:04:47 GMT
server: Cloudfront
etag: "d2c1d1f45a2ae4aca2c4e7d33040ceb7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oyWzAwKBnVgckN9jStpC486nDtcE41xsfi8v-EnU2ehQn1V-NnFsOg==

POST
H2 200 0 Show response
r.stripe.com/ Frame BAB5 0
127 B 183ms
183ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-5973bbc216e5ba0f742ba1de1a16e20c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 22 Feb 2022 13:13:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
give.pajamaprogram.org/	1970-02-08 01:34:57	Name: connect.sid Value: s%3AaF1WjaEWMyWNfVSXtRxhQuDpe7iEYXle.zLJT4l7ZVGRIh0IO%2B9XQ0%2BjVSZfB8bu9HaZVIHZrVi4
.give.pajamaprogram.org/	1970-01-20 01:05:37	Name: __cf_bm Value: nFzn9v63yzo7DBB5GTAUwcwOB.O_V1dSHsBoggK0aOs-1645535583-0-AeP+zVRsb7BlVU/JP7yUzAHYeQAo5WxS8tu11uUjj7VzHT4D8zjIrpDqxM4XM9gAoYTMsRONlieQeQLj3eHO24U=
.give.pajamaprogram.org/	1969-12-31 23:59:59	Name: __cfruid Value: 640c9e57d865c84bf5773ea595f25ea2afa44a8d-1645535583
.classy.org/	1970-01-20 01:05:37	Name: __cf_bm Value: C4f6nzJpuQplAneOYMgH_w0bvRzbqmI2_WdALNgTEr0-1645535583-0-ATIAvEBhPpXBQ6t8QH/C0TzrL5beI1AOQ15XqN3s7h1Nme95U7pc+kE7sZgwWaO7NqM6iyR/mX8QpKrwoLIYG3E=
.pajamaprogram.org/	1970-01-20 18:36:47	Name: _ga Value: GA1.2.1715872647.1645535584
.pajamaprogram.org/	1970-01-20 01:07:01	Name: _gid Value: GA1.2.727678510.1645535584
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: beTQWMqRoeE
.youtube.com/	1970-01-20 05:24:47	Name: VISITOR_INFO1_LIVE Value: gdeiIAUO5bc
.pajamaprogram.org/	1970-01-20 10:33:33	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%227314947728528119%22%2C%22pageviewId%22%3A%227727487079352693%22%2C%22sessionId%22%3A%228332737361313724%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.pajamaprogram.org/	1970-01-20 01:05:35	Name: _gat_classyTrack Value: 1
.pajamaprogram.org/	1970-01-20 10:33:33	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A4660%2C%22payment_processor%22%3A%22Authorize.net%22%2C%22campaign%22%3A247710%2C%22campaign_type%22%3A%22donation%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.pajamaprogram.org/	1970-01-20 01:05:37	Name: _hp2_ses_props.1566116007 Value: %7B%22us%22%3A%22CMemail022222%22%2C%22um%22%3A%22newsletter022222%22%2C%22ua%22%3A%22CMemail022222%22%2C%22ts%22%3A1645535583957%2C%22d%22%3A%22give.pajamaprogram.org%22%2C%22h%22%3A%22%2Fgive%2F247710%2F%22%2C%22q%22%3A%22%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%3F%22%7D
.give.pajamaprogram.org/	1970-01-20 09:51:11	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fgive.pajamaprogram.org%2Fgive%2F247710%2F%3Futm_source%3DCMemail022222%26utm_medium%3Dnewsletter022222%26utm_campaign%3DCMemail022222%23!%2Fdonation%2Fcheckout%3F&datestamp=Tue+Feb+22+2022+13%3A13%3A04+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
give.pajamaprogram.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: jcK2PdzZ-8ejxPniMLqtxPImRF85VU26_SiY
give.pajamaprogram.org/	1970-01-20 09:51:11	Name: acceptCookies Value: eyJpdiI6IlVpTk5NQk1BdDR4S2thWHlKXC9wVFhnPT0iLCJ2YWx1ZSI6IkhBdFU3VTd4Tys1TlwvaGJjTk9hZFN3PT0iLCJtYWMiOiJkZGJlNmYyNWYxZjM4MTIzMWE1ZTNlMjkwYjUxYTA0ZDU3ZGYyYTBkNTFhZGVkNDBiNmNmM2VmYmMzZDJmNzdlIn0%3D
give.pajamaprogram.org/	1970-01-20 01:05:42	Name: XSRF-TOKEN Value: eyJpdiI6IlRwb0xWSjdoclpwQVFsQXdoZmx5U2c9PSIsInZhbHVlIjoiVmZkSXlvQVVSN1ZicG5BMndVYnpvYjVRS0RlclA1OTIza2VNWlo2ZWpIXC9oR0phc3JscXFVZkRnWUJjS0Z6ZlhYTzEzYlUwd2Nrb2wzTzNTOFEwUFJnPT0iLCJtYWMiOiJiZjE0YjdmOGU5YmMwNDM4ZTk1ZGE1YzNlNTY1ZDA3MTRlZDJlM2E4ZjBlY2RlZTRhZGY2ZDI2MmRlMGNjYWNkIn0%3D
give.pajamaprogram.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IjhGQkJLTDVjN29qa01Ya2V0Wko5OWc9PSIsInZhbHVlIjoiZ3U0azU1ZTVJZlZ3MTZCZ0w5UWkwQU1KaVwvMit2VU5TeEhlOTdWSkpNVHRtb29WSGFjWUwyaFpyU0pidkgwOGRzVkhpdGpXXC92TlwvdzZtMGU1YXh3c1E9PSIsIm1hYyI6IjBjZDNhMDc2NTIzMzRhYWJiNjliNjE1MWI2ZTM4MWQ2Y2I1OTg5NzdkNmQyZWU3ZmZiYjZkODJjZjlkZWFiYTYifQ%3D%3D
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1aeb165c1e3e3c65
.pajamaprogram.org/	1970-01-20 01:05:35	Name: _gat_clientTrack Value: 1
.google.com/	1970-01-20 05:29:06	Name: NID Value: 511=eLKWHmkNN7hV7IfdnL6mEYm8l5b7yMaZaYMD33nQnEsVG2HBEYvzRdLu-BU4fWIAIFqACohI7kuWqGXOEshSvaIWXX_Nhoxw5pn9QibYbnz8Uc_wOVupsmZZI3qu0CSv_i7qgEe3fVMRRLsHT7O7JnaTSVOcwP11LU-eWaIonBo
m.stripe.com/	1970-01-20 18:36:47	Name: m Value: e95909c4-1e6b-4e66-a782-c03fc7b0a5cb06fb79
.give.pajamaprogram.org/	1970-01-20 09:51:11	Name: __stripe_mid Value: cc52ff75-395e-4265-bb5c-f894fe897699cb2da4
.give.pajamaprogram.org/	1970-01-20 01:05:37	Name: __stripe_sid Value: 4cb5b7bf-b080-4029-9ed0-b902cc01a6a7e0c078

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid= Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://pay.google.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
bam-cell.nr-data.net
cdn.heapanalytics.com
cdn.plaid.com
code.jquery.com
doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
give.pajamaprogram.org
heapanalytics.com
htp.tokenex.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
pajamaprogram.cmail19.com
pay.classy.org
pay.google.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
sessions.bugsnag.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
unpkg.com
www.google-analytics.com
www.gstatic.com
www.youtube.com
play.google.com
104.244.42.136
13.32.121.116
13.32.121.78
151.101.0.176
151.101.66.137
162.247.243.147
18.196.132.139
2001:4de0:ac18::1:a:3a
23.96.109.67
2600:1901:0:7a0b::
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b944
2606:4700::6810:5f41
2606:4700::6810:7caf
2606:4700::6812:7115
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c00::9c
2a00:1450:400c:c04::5c
34.209.192.116
52.143.247.24
54.166.193.69
54.187.119.242
65.9.78.17
047dc490d80da432f27673bd2639e1784183b1a33102058256f959e7b17bea70
056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae
07bc0baec6b2902f57553499b92eebf4789530923d152c1355ffd18c81a36a34
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693
0f50121d52118e6d9502faafa06b37a52ed8b728cf84bc6f2baf1398c0aacdcb
13dcdd2fcfab982ba9e64ae2e90c6f83c2ada78324b3e0e675d1a3f3c86befee
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18c4d2274a0d80762563340b18809e955a2c0726486ddf03c74d99394c104a00
1e68b3ce2c0a59c4be47506edd1ddacf1cca1f53d65e0684f9b78ec2b1c036e5
22295c31a0aecd95a39aae4feeb8e3857ea6c53b2bfe79724a2d9c3d71f7cd2c
23d996d9465f3afc9872ed60ec2d5ab1c66755af8822d2b84661879a5b6c165b
243bf181190f4c12bb99cd2a31d2c13fbd0fe10189c1bb1926d7935c45519452
322d5c0073bf656509fa530a66fdf13cd33f0c29ed849cf9988f78a4c17432c3
34ab26c49efdbbeca6567e183ca38ad41691979e324b377d7a2328b44e0d23e4
34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b
386d6705d2d0272a475b99ea3da6e3fa565474e45128668f6daf3b9d71ed694d
3b88a48ad1f214ace583e35879930045fdf1d11826b8e267ed8c5e90f41e54f5
3e23f4a1a49a2f1109df56d7719004e5f04f84fec3c3f9a6bb2849c1f00bf4a7
44817c16b84ba3d2522ea47f3b6c94758f334739fbe91443e0e3a2085f637022
4d752ebf9dc66ad44c88f5a0ad523d1f3cfd5280a66843917a6e86146cafe24d
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53f02d29d8d4147a41c50b3ca5b7d3d1bd88b73df595a1f638634c464362c1c8
54edc851fe7dcf19cf457a78d792c5b5b7221fb4544eef4cc026ec8a34820455
5526409ef24c774ab83b7af2eaebf092681f7ca54e3662e6f11ebe879509ff9d
5fa553b3ca22c21a48fb04341944ed72eff3fc14e3bee039d4f92dccfb270bda
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7365a0b729f2e32fa018fe0f5b77b0707384e262e6efcd6a656264c7f343a60a
795236b60db63ddf35fa24072cb0e9e05501d81e326a8cb7391f39951344df62
7c7cede27c1fa39109e87c633ea5c28af04958c51ffaf830033103a1bd912e51
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8f39f110ba515128e3a9726e1487126ed268890377996d933c20661e12983fc6
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9992e36b8bfeae13891e71349328a5e900f4c4e9db71ac738de0a5260e0c83cc
9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9f4225772827551ffb18122b8fbe430e812b36978dc627ee747e899a6bdfb3d9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b2e32c215d515f6f99109fef7bcaee0dacc056bd75d4b907e944ca794a7230bf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbac51da4cca7f9aded23256189c307d2b9fa1148c1d48d0e1494b065486ec9d
c25c40e6aa89abacee9520bfd7862bf4862201135d5999f44510281053c7ec6c
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c9592b30f4d3f466ac0f81eaf2b5f558a593ffdba0b0662bdc1ae15af794a7ad
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1ffaa080eb9d71e5964528904fc379fe0f165dcaf692f7b913a87ac82e7f442
d6fd79ce5eb8933f0a04cd1f999ac74d16606a81881b9c93c5d50f9b065a51da
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
dc59be87f4a2ff16a6949d08b4405d1223bca5e6109b65f8d350733faf11c13d
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
dfaa563d8ac1afca316a84c3e4885470aa5dbb2b4d1e7e35f64ae78644082c01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e569c0e6d9c023bf7d2064a1dec564bb4e34c47c6673698eb6a5d897ed39756a
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef9b684542db552c977ec5fe8d61efba0d81ea6702bf90c19cd42bdb8009dead
f38287ccf7092813af11fe371e87b68e6700ea5d070496c4c4102a2d13216c6d
f70b05c50d20b6044717b1a0f732d9f20958482d5391450af6a1cbce1eb2e514
f8de32eaddf6935168f5339f41de7c43dbfd1d0d33baedff4178331beba61d83
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fdfcccbfff6c7d47974f77973e50275cbdc2e39293c12bbec2259b4e7a8c782a
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

give.pajamaprogram.org Open in urlscan Pro 2606:4700::6812:7115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

99 %HTTPS

54 %IPv6

23 Domains

32 Subdomains

28 IPs

4 Countries

3553 kBTransfer

11921 kBSize

23 Cookies

7 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

give.pajamaprogram.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

99 %
HTTPS

54 %
IPv6

23
Domains

32
Subdomains

28
IPs

4
Countries

3553 kB
Transfer

11921 kB
Size

23
Cookies

181 HTTP transactions
0 data transactions