www.heart.org Open in urlscan Pro
2600:9000:2156:f400:1a:380b:6e00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.heartemail.org/?qs=5d81411f0dc42b59189ec41d3e22566fbf948c1ee0d978bd63bd5a44a3400bd972853399e5b21bb36738daef8f79...
Effective URL:
https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&s...
Submission: On March 17 via api (March 17th 2022, 3:44:07 pm UTC) from US — Scanned from DE

Summary HTTP 377 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 49 IPs in 5 countries across 31 domains to perform 377 HTTP transactions. The main IP is 2600:9000:2156:f400:1a:380b:6e00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.heart.org. The Cisco Umbrella rank of the primary domain is 61304.
TLS certificate: Issued by Amazon on January 13th 2022. Valid for: a year.

This is the only time www.heart.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.134.105 13.111.134.105	22606 (EXACT-7) (EXACT-7)
28	2600:9000:215... 2600:9000:2156:f400:1a:380b:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.98.78 143.204.98.78	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
9	143.204.98.35 143.204.98.35	16509 (AMAZON-02) (AMAZON-02)
35	104.22.0.244 104.22.0.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:990b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.135.78.45 147.135.78.45	16276 (OVH) (OVH)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
7	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
2	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c01::9c	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
16	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	108.157.1.118 108.157.1.118	16509 (AMAZON-02) (AMAZON-02)
2	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1 2	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2 9	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
53	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:ca00:d:87ae:bb80:21	16509 (AMAZON-02) (AMAZON-02)
1	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
3	104.26.8.138 104.26.8.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.74.72 172.67.74.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4 8	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
10	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
4	138.197.61.175 138.197.61.175	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
4	2600:9000:215... 2600:9000:2156:a600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	184.25.114.184 184.25.114.184	16625 (AKAMAI-AS) (AKAMAI-AS)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	34.216.95.44 34.216.95.44	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
377	49

1 13.111.134.105 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.heartemail.org

click.heartemail.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2600:9000:2156:f400:1a:380b:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.heart.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-78.fra50.r.cloudfront.net

static.heart.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.98.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-35.fra50.r.cloudfront.net

static.cloud.coveo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.22.0.244 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:990b (United States)

ASN13335 (CLOUDFLARENET, US)

secure.rating-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.78.45 (United States)

ASN16276 (OVH, FR)

sentry.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c01::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ca00:d:87ae:bb80:21 (United States)

ASN16509 (AMAZON-02, US)

d2rp1k1dldbai6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

files1.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.8.138 (United States)

ASN13335 (CLOUDFLARENET, US)

fndrsp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.74.72 (United States)

ASN13335 (CLOUDFLARENET, US)

fndrsp-checkout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

9239798.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6259436.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.197.61.175 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

app.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:a600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.25.114.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-114-184.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.216.95.44 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-95-44.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
125	stripe.com js.stripe.com — Cisco Umbrella Rank: 894 q.stripe.com — Cisco Umbrella Rank: 5856 r.stripe.com — Cisco Umbrella Rank: 3909 m.stripe.com — Cisco Umbrella Rank: 854	1 MB
47	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2999 adservice.google.com — Cisco Umbrella Rank: 57 play.google.com — Cisco Umbrella Rank: 32	776 KB
36	fundraiseup.com cdn.fundraiseup.com — Cisco Umbrella Rank: 43968 static.fundraiseup.com — Cisco Umbrella Rank: 43961 api.fundraiseup.com — Cisco Umbrella Rank: 44145 sentry.fundraiseup.com — Cisco Umbrella Rank: 46460	1 MB
30	heart.org www.heart.org — Cisco Umbrella Rank: 61304 static.heart.org — Cisco Umbrella Rank: 59443	932 KB
20	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2527 t.paypal.com — Cisco Umbrella Rank: 3344 c.paypal.com — Cisco Umbrella Rank: 5653 b.stats.paypal.com — Cisco Umbrella Rank: 4438 dub.stats.paypal.com — Cisco Umbrella Rank: 18619 c6.paypal.com — Cisco Umbrella Rank: 6488	392 KB
17	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 9239798.fls.doubleclick.net — Cisco Umbrella Rank: 566785 6259436.fls.doubleclick.net — Cisco Umbrella Rank: 860113	11 KB
16	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	2 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	238 KB
9	google.de www.google.de — Cisco Umbrella Rank: 6433	1012 B
9	coveo.com static.cloud.coveo.com — Cisco Umbrella Rank: 9537	330 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	60 KB
7	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	395 KB
6	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1439 insight.adsrvr.org — Cisco Umbrella Rank: 567	3 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	309 KB
5	cybba.solutions files1.cybba.solutions — Cisco Umbrella Rank: 26338 app.cybba.solutions — Cisco Umbrella Rank: 26432	29 KB
5	adnxs.com 1 redirects acdn.adnxs.com — Cisco Umbrella Rank: 523 ib.adnxs.com — Cisco Umbrella Rank: 205 secure.adnxs.com — Cisco Umbrella Rank: 359	7 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 948	32 KB
4	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 17980	52 KB
3	fndrsp.net fndrsp.net — Cisco Umbrella Rank: 39301	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874	67 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	18 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1810	33 KB
2	fndrsp-checkout.net fndrsp-checkout.net — Cisco Umbrella Rank: 281264	1 KB
2	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 16493	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5725	461 B
1	cloudfront.net d2rp1k1dldbai6.cloudfront.net	20 KB
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 8647	6 KB
1	rating-widget.com secure.rating-widget.com — Cisco Umbrella Rank: 57073	34 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1349	39 KB
1	heartemail.org 1 redirects click.heartemail.org — Cisco Umbrella Rank: 109653	375 B
377	31

	Domain	Requested by
56	r.stripe.com	js.stripe.com
53	js.stripe.com	static.fundraiseup.com js.stripe.com
28	www.heart.org	www.heart.org static.cloud.coveo.com
27	static.fundraiseup.com	www.heart.org static.fundraiseup.com
26	play.google.com	www.gstatic.com
16	www.facebook.com	www.heart.org
14	q.stripe.com	www.heart.org
10	www.gstatic.com	pay.google.com www.gstatic.com
10	www.paypal.com	static.fundraiseup.com www.paypal.com www.paypalobjects.com
9	www.google.de	www.heart.org
9	www.google.com	2 redirects www.heart.org
9	static.cloud.coveo.com	www.heart.org static.cloud.coveo.com
8	pay.google.com	static.fundraiseup.com js.stripe.com pay.google.com www.heart.org www.gstatic.com
8	www.google-analytics.com	www.googletagmanager.com www.heart.org static.fundraiseup.com www.google-analytics.com www.gstatic.com
7	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
7	connect.facebook.net	www.heart.org connect.facebook.net
7	api.fundraiseup.com	cdn.fundraiseup.com static.fundraiseup.com
6	www.googletagmanager.com	www.heart.org www.googletagmanager.com
5	insight.adsrvr.org	js.adsrvr.org
5	c.paypal.com	www.paypal.com c.paypal.com
4	adservice.google.com	9239798.fls.doubleclick.net 6259436.fls.doubleclick.net
4	m.stripe.network	js.stripe.com m.stripe.network
4	app.cybba.solutions	files1.cybba.solutions
4	6259436.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	9239798.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	ucarecdn.com	www.heart.org static.fundraiseup.com
3	fndrsp.net	cdn.fundraiseup.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	m.stripe.com	m.stripe.network
2	t.paypal.com	www.heart.org
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	fndrsp-checkout.net	cdn.fundraiseup.com
2	secure.adnxs.com	1 redirects www.heart.org
2	www.rtb123.com	www.heart.org
2	stats.g.doubleclick.net	static.fundraiseup.com
2	ib.adnxs.com	www.heart.org static.fundraiseup.com
2	fonts.googleapis.com	www.heart.org static.cloud.coveo.com
2	static.heart.org	www.heart.org
1	c6.paypal.com	www.heart.org
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	pro.ip-api.com	static.fundraiseup.com
1	files1.cybba.solutions	www.rtb123.com
1	d2rp1k1dldbai6.cloudfront.net	www.rtb123.com
1	js.adsrvr.org	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	acdn.adnxs.com	www.heart.org
1	static.hotjar.com	www.googletagmanager.com
1	sentry.fundraiseup.com	static.fundraiseup.com
1	secure.rating-widget.com	www.heart.org
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.fundraiseup.com	www.heart.org
1	www.googleoptimize.com	www.heart.org
1	click.heartemail.org	1 redirects
377	56

This site contains links to these domains. Also see Links.

Domain
www.shopheart.org
mygiving.heart.org
www2.heart.org
recipes.heart.org
www.stroke.org
supportnetwork.heart.org
professional.heart.org
ceoroundtable.heart.org
newsroom.heart.org
heart.jobs
www.goredforwomen.org
www.projectbaseline.com
raiseyourwayforaha.funraise.org
american.heart.org
cpr.heart.org
ahainstructornetwork.americanheart.org
www.twitter.com
www.facebook.com
instagram.com
www.youtube.com
www.pinterest.com
www.linkedin.com
www.empoweredtoserve.org
www.onecarhelpsheart.com
www.tiktok.com
nationalhealthcouncil.org
www.give.org
www.charitynavigator.org
ssl.comodo.com
www.hon.ch

Subject Issuer	Validity	Valid
*.heart.org Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.cloud.coveo.com Go Daddy Secure Certificate Authority - G2	`2021-06-18` - `2022-07-20`	a year	crt.sh
fundraiseup.com Cloudflare Inc ECC CA-3	`2021-07-22` - `2022-07-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-23` - `2022-06-22`	a year	crt.sh
sentry.fundraiseup.com R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-25` - `2022-03-25`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
ucarecdn.com R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2022-02-02` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
files1.cybba.solutions R3	`2022-02-23` - `2022-05-24`	3 months	crt.sh
*.fndrsp.net E1	`2022-03-01` - `2022-05-30`	3 months	crt.sh
*.fndrsp-checkout.net E1	`2022-03-01` - `2022-05-30`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2022-06-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.cybba.solutions Sectigo RSA Domain Validation Secure Server CA	`2021-06-15` - `2022-07-16`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh

This page contains 33 frames:

Primary Page: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Frame ID: 0FFD9E023AEC5BB504ECD2232E071AC3
Requests: 162 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: CAEEB233D314E53F9D884449FB401E93
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: 01712C2EF5D11691A962BCAEF2D68476
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Frame ID: C60A72DB54E706654A40C91163C90A54
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
Frame ID: FDFEF1266B4F4E9822F03D8FB4024568
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
Frame ID: 216604447C8716F3DBE633EB30A02661
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
Frame ID: 0FD58FD03426649B1013B9B96DC98706
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
Frame ID: EE2B50F096FF05D727EF5E60F00335D4
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
Frame ID: C93FC65F2CC9265C2113DB7C8D76821D
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html
Frame ID: 31233ACAB0A8CA46F43EF07BE73A6871
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html
Frame ID: D62056A81D0AE68357567F3A1F932F6D
Requests: 7 HTTP requests in this frame

Frame: https://9239798.fls.doubleclick.net/activityi;dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail
Frame ID: 841B48CA600B42EA181916F3DB9855B6
Requests: 2 HTTP requests in this frame

Frame: https://6259436.fls.doubleclick.net/activityi;dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail
Frame ID: F130D12EAADED3BA1E2D2D1A9151F954
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D6484B3110C96999E00956116D70A4B9
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
Frame ID: 46274EAE9DB5D8056A3A1CED2EB46042
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-9b8ee344d0b51ced5a0634f4a7bed795.html
Frame ID: DDCD4353747885DA6AD22DDAF440373A
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-59711d7b62bbd49d98d5a40431a1bff5.html
Frame ID: 7CAC198CB96A1E454567DBDDAEBC73E8
Requests: 4 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=silver&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZibTY5aWc4bk1STG1aS1MtUW9PTnE3cUlIUHFscFlKMWwzdnl4RV9sYS1VWlBVX2VFa0tIMkhScEhGa2w3U05KOGFfZUt2RGtjVDktTXkmbWVyY2hhbnQtaWQ9NDJXMlhSR0UzUUVTVSZjdXJyZW5jeT1FVVImZGlzYWJsZS1mdW5kaW5nPXZlbm1vJmxvY2FsZT1lbl9VUyZpbnRlbnQ9dG9rZW5pemUmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3BsdHJtZ2hqZXVtYWxsb2lzc2RqaHR0cHVtYnpkaCJ9fQ&clientID=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&sdkCorrelationID=f99490163b7ca&storageID=uid_1bdc7a0ec6_mtu6ndq6mda&sessionID=uid_0f097419b3_mtu6ndq6mda&buttonSessionID=uid_6ef0de5de5_mtu6ndq6mda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiNWY3MWI5Zjk3YzU3NjA5Y2M2NGUyMTI5YTcyNmZlZTVjYmE5MjUwNiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=EUR&intent=tokenize&commit=true&vault=true&disableFunding.0=venmo&merchantID.0=42W2XRGE3QESU&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: D80954F81482C0D64521524BB27BDFE3
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 25B0CB25D001E13E44EF2EA4E574B695
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.heart.org&mid=
Frame ID: B9FA3CAC2689D3D1C00AB93C11C9C2AC
Requests: 16 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 6D004C20E1E87BF0DE3DD49BD8E94A6F
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 4844A75953DCCC95856C0FA7AA75EBEC
Requests: 16 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 62F1AF87A8ED1316B434A0B1197BA3EE
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_0f097419b3_mtu6ndq6mda&s=SMART_PAYMENT_BUTTONS
Frame ID: 68A36413296DC34F4EC48110906E55F9
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Frame ID: B25B331CD3DE69355693D6FC99D0BE6B
Requests: 3 HTTP requests in this frame

Frame: https://9239798.fls.doubleclick.net/activityi;dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail
Frame ID: A42E237224CA66054A3A52CE5AE8E419
Requests: 2 HTTP requests in this frame

Frame: https://6259436.fls.doubleclick.net/activityi;dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail
Frame ID: E80570B6EFCFE7AF195981B4481BA4CA
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vy0u2pj&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=pve3oem&upv=1.1.0
Frame ID: 720F730135449440B511F4AA12567EDC
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=7ikm8d0&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=c4u3880&upv=1.1.0
Frame ID: E5AD0C76C60B8208BAF08B5A5B4791DB
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ozigltp&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=4lnsnax&upv=1.1.0
Frame ID: 692D69CD5960C1DAF11AA98F18051D20
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vy0u2pj&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=pve3oem&upv=1.1.0&v=&td1=&td2=&td3=Checkout%20Open
Frame ID: 17BF5F6A3984066DDFA3AD8160045614
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vy0u2pj&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=pve3oem&upv=1.1.0&v=&td1=&td2=&td3=Checkout%20Open
Frame ID: D6E283EC5BF44BD8773184B671A3E40F
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D1260A2CE25132E833AAFD7858DFE1F2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ways to Give | Make a Donation | American Heart AssociationClearSearchLoading

Page URL History Show full URLs

https://click.heartemail.org/?qs=5d81411f0dc42b59189ec41d3e22566fbf948c1ee0d978bd63bd5a44a3400bd972853399... HTTP 302
https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

377
Requests

99 %
HTTPS

39 %
IPv6

31
Domains

56
Subdomains

49
IPs

5
Countries

6179 kB
Transfer

20050 kB
Size

45
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://www.shopheart.org/?utm_source=heart.org&utm_medium=Referral&utm_campaign=AHA-Parent-Site-Top-Nav-Desktop
Title: SHOP

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XXRCJWZY
Title: DONATE ONCE

Search URL Search Domain Scan URL

URL: https://www2.heart.org/site/SPageNavigator/drtv_helpheart.html?s_subsrc=global_nav
Title: DONATE MONTHLY

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XXRCJWZY?s_subsrc=heart_mobile_donate_button
Title: Donate Now

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XXRCJWZY?s_subsrc=heart_mobile_nav_link
Title: Donate Now

Search URL Search Domain Scan URL

URL: https://recipes.heart.org/en/
Title: Recipes

Search URL Search Domain Scan URL

URL: https://www.stroke.org/en/
Title: Stroke

Search URL Search Domain Scan URL

URL: https://supportnetwork.heart.org/
Title: Support Network

Search URL Search Domain Scan URL

URL: https://professional.heart.org/en/
Title: Professional Heart Daily

Search URL Search Domain Scan URL

URL: https://professional.heart.org/en/research-programs
Title: Research

Search URL Search Domain Scan URL

URL: https://professional.heart.org/en/partners
Title: Professional Membership

Search URL Search Domain Scan URL

URL: https://professional.heart.org/en/meetings
Title: Meetings

Search URL Search Domain Scan URL

URL: https://professional.heart.org/en/education
Title: Education

Search URL Search Domain Scan URL

URL: https://professional.heart.org/en/guidelines-and-statements
Title: Guidelines & Statements

Search URL Search Domain Scan URL

URL: https://professional.heart.org/en/journals
Title: Journals

Search URL Search Domain Scan URL

URL: http://ceoroundtable.heart.org/
Title: CEO Roundtable

Search URL Search Domain Scan URL

URL: https://newsroom.heart.org/
Title: Media Newsroom

Search URL Search Domain Scan URL

URL: https://heart.jobs/?utm_campaign=heart.org-TopNav&vs=2896&utm_medium=Other&utm_source=heart.org-TopNav
Title: Career Opportunities

Search URL Search Domain Scan URL

URL: https://www.goredforwomen.org/en/
Title: Go Red For Women

Search URL Search Domain Scan URL

URL: https://www.projectbaseline.com/gored/
Title: Research Goes Red

Search URL Search Domain Scan URL

URL: https://www.shopheart.org/?a=aha-heart.org-bottom-navigation&utm_source=heart.org&utm_medium=referral&utm_campaign=aha-heart.org-bottom-navigation
Title: SHOP

Search URL Search Domain Scan URL

URL: https://www2.heart.org/site/SPageNavigator/drtv_helpheart.html?s_subsrc=mobile_nav
Title: Monthly Giving As Seen On TV

Search URL Search Domain Scan URL

URL: https://www2.heart.org/site/SPageNavigator/donatenow_honor.html?s_src=20U2W1EEMT&s_subsrc=main_nav_honor_link
Title: Honor a Loved One

Search URL Search Domain Scan URL

URL: https://www2.heart.org/site/SPageNavigator/donatenow_legacy.html&s_src=20U2W1EEMM&sub_src=main_nav_memorial_link
Title: Make a Memorial Gift

Search URL Search Domain Scan URL

URL: http://www2.heart.org/site/TR?fr_id=3930&pg=entry
Title: Create a Tribute Page

Search URL Search Domain Scan URL

URL: https://raiseyourwayforaha.funraise.org/
Title: Raise Your Way

Search URL Search Domain Scan URL

URL: http://american.heart.org/kidsheartchallenge/
Title: Kids Heart Challenge

Search URL Search Domain Scan URL

URL: https://www2.heart.org/site/SPageNavigator/ahc_resources_search.html
Title: American Heart Challenge

Search URL Search Domain Scan URL

URL: https://cpr.heart.org/en/
Title: CPR and First Aid

Search URL Search Domain Scan URL

URL: https://ahainstructornetwork.americanheart.org/AHAECC/classConnector.jsp?pid=ahaecc.classconnector.home
Title: Find A Training Center

Search URL Search Domain Scan URL

URL: https://cpr.heart.org/en/course-catalog-search
Title: Find A Course

Search URL Search Domain Scan URL

URL: https://cpr.heart.org/en/course-catalog-search/purchase-options
Title: CPR Purchase Options

Search URL Search Domain Scan URL

URL: http://www.twitter.com/American_Heart

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmericanHeart

Search URL Search Domain Scan URL

URL: http://instagram.com/american_heart

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/americanheartassoc

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/americanheart/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/american-heart-association

Search URL Search Domain Scan URL

URL: https://www.shopheart.org/?a=aha-heart.org-main-navigation&utm_source=heart.org&utm_medium=referral&utm_campaign=aha-heart.org-main-navigation
Title: SHOP

Search URL Search Domain Scan URL

URL: https://www.empoweredtoserve.org/en/
Title: EmPOWERED to Serve

Search URL Search Domain Scan URL

URL: https://www.empoweredtoserve.org/en/health-ecosystems
Title: Health Ecosystems

Search URL Search Domain Scan URL

URL: https://www.shopheart.org/?utm_source=heart.org&utm_medium=Referral&utm_campaign=AHA-Parent-Site-Top-Nav-Mobile
Title: SHOP

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XPGRRHYT
Title: DONATE ONCE

Search URL Search Domain Scan URL

URL: https://www2.heart.org/site/SPageNavigator/drtv_helpheart.html?s_src=22I2W1AEMG&s_subsrc=mar22_heart_lightbox_donate_monthly
Title: DONATE MONTHLY

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XGWXVXLF
Title: DONATE ONCE

Search URL Search Domain Scan URL

URL: https://www2.heart.org/site/SPageNavigator/drtv_helpheart.html?s_src=22I2W1AEMG&s_subsrc=mar22_wtg_overlap__donate_monthly
Title: DONATE MONTHLY

Search URL Search Domain Scan URL

URL: https://www.stroke.org/en/about-stroke
Title: stroke

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XZTZBDFD?s_src=20U2W1UEMG&s_subsrc=wtg_donatenow_promo_box_one-time_link
Title: Make a one-time donation

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XYSBUNSX
Title: Start a fundraiser in memory today

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XLSQMLGM
Title: Let's get started!

Search URL Search Domain Scan URL

URL: https://www.projectbaseline.com/studies/gored/
Title: Research Goes Red

Search URL Search Domain Scan URL

URL: https://www.onecarhelpsheart.com/
Title: Vehicle Donations

Search URL Search Domain Scan URL

URL: http://newsroom.heart.org/
Title: AHA/ASA Media Newsroom

Search URL Search Domain Scan URL

URL: https://heart.jobs/?utm_campaign=heart.org-Footer&vs=2896&utm_medium=Other&utm_source=heart.org-Footer
Title: Careers

Search URL Search Domain Scan URL

URL: https://mygiving.heart.org/-/XEDQWRZF
Title: Donate Now

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@americanheartassociation?lang=en

Search URL Search Domain Scan URL

URL: https://nationalhealthcouncil.org/standards-of-excellence/

Search URL Search Domain Scan URL

URL: http://www.give.org/charity-reviews/national/health/american-heart-association-in-dallas-tx-173

Search URL Search Domain Scan URL

URL: https://www.charitynavigator.org/index.cfm?bay=search.summary&orgid=3260

Search URL Search Domain Scan URL

URL: https://ssl.comodo.com/

Search URL Search Domain Scan URL

URL: https://www.hon.ch/HONcode/Patients/
Title: HONcode Standard

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.heartemail.org/?qs=5d81411f0dc42b59189ec41d3e22566fbf948c1ee0d978bd63bd5a44a3400bd972853399e5b21bb36738daef8f79f444e1c73479326a1885183517b016285cfb HTTP 302
https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://secure.adnxs.com/px?id=1270128&seg=22299274&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1270128%26seg%3D22299274%26t%3D2

Request Chain 143

https://9239798.fls.doubleclick.net/activityi;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail HTTP 302
https://9239798.fls.doubleclick.net/activityi;dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail

Request Chain 144

https://6259436.fls.doubleclick.net/activityi;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail HTTP 302
https://6259436.fls.doubleclick.net/activityi;dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail

Request Chain 197

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/?random=1912097253&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QVczYpiaA92xx_AP0uaE-Ao&sscte=1&crd=CNCksQI HTTP 302
https://www.google.com/pagead/1p-conversion/936930558/?random=1912097253&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNCksQI&is_vtc=1&ocp_id=QVczYpiaA92xx_AP0uaE-Ao&cid=CAQSKQCNIrLMHX6r8e17BdvJpzeg-StgYMaCgBDjNhhzIH2YAmOHNydx0wFh&random=2784755720&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/936930558/?random=1912097253&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNCksQI&is_vtc=1&ocp_id=QVczYpiaA92xx_AP0uaE-Ao&cid=CAQSKQCNIrLMHX6r8e17BdvJpzeg-StgYMaCgBDjNhhzIH2YAmOHNydx0wFh&random=2784755720&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDx14xhWaIv1_KMYPbnq9GRtwgVkH_hMK4ow6w90SlW9N7KZtRCI7saOMkXTx14t0sYQwHmbn6vh06WkV_2pE8B

Request Chain 343

https://b.stats.paypal.com/v2/counter.cgi?p=uid_0f097419b3_mtu6ndq6mda&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_0f097419b3_mtu6ndq6mda&s=SMART_PAYMENT_BUTTONS

Request Chain 355

https://9239798.fls.doubleclick.net/activityi;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail HTTP 302
https://9239798.fls.doubleclick.net/activityi;dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail

Request Chain 356

https://6259436.fls.doubleclick.net/activityi;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail HTTP 302
https://6259436.fls.doubleclick.net/activityi;dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail

Request Chain 365

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/?random=1528831774&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QlczYuHeOI-8x_APlrCnqAo&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/936930558/?random=1528831774&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=QlczYuHeOI-8x_APlrCnqAo&cid=CAQSKQCNIrLMKzBd4RU08mirT8QMDYY-rxdf2_T8PqA6qxyn6jq_0k8TuB5X&random=3992305033&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/936930558/?random=1528831774&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=QlczYuHeOI-8x_APlrCnqAo&cid=CAQSKQCNIrLMKzBd4RU08mirT8QMDYY-rxdf2_T8PqA6qxyn6jq_0k8TuB5X&random=3992305033&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hB1QRKZghHBya_UMrWsbaZ88QvrAxFnK2yDUMMKUDK3_a1A20dUMo8PBYcmXx2aORT0srZ9fUV72x4xA_PqWOPl

377 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ways-to-give Show response
www.heart.org/en/get-involved/
Redirect Chain

https://click.heartemail.org/?qs=5d81411f0dc42b59189ec41d3e22566fbf948c1ee0d978bd63bd5a44a3400bd972853399e5b21bb36738daef8f79f444e1c73479326a1885183517b016285cfb
https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=

150 KB
37 KB

1313ms
1130ms

Document
text/html

2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcbfe95885a8f7dcdff9c894b45226bff39509646cd01ee9b43d0bfa5cf68913

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
content-length: 36478
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
expires: -1
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f
x-azure-ref: 0PVczYgAAAAALUP/AuNfVQ6daiY/a1K+PTE9OMjFFREdFMDIxOQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
date: Thu, 17 Mar 2022 15:43:58 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rb-oaseYWKwuZ7y3qFZcXEn_fz9gAeY3xHAouEXvrDXtNa3BwDHrxA==

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Date: Thu, 17 Mar 2022 15:43:57 GMT
Connection: close
Content-Length: 341

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 102 KB
39 KB 149ms
54ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-N9RP7N4

Requested by

Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb42828e28d4af3a30bc5aa8c86dde525bd2cdd52d445ef0843b48b069c3cce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39146
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:43:59 GMT

GET
H/1.1 200
OK aha-custom-gtm-recipes.js Show response
static.heart.org/ahaanywhere/sitecore/gtm/ 18 KB
4 KB 189ms
8ms Script
text/javascript 143.204.98.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.heart.org/ahaanywhere/sitecore/gtm/aha-custom-gtm-recipes.js
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-78.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0ea0ddb80386c4e40b4769898e7faac40d1189176137ec1636ab85ee1d6008c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 03:33:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 19:38:10 GMT
Server: AmazonS3
Age: 45250
ETag: W/"9195c922b15c0d81ac5392ba57121ab5"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: DLQE04scxyERhNou6w3gLqmZ1eUGoUC479zMk0e576xxRmFgK1hTSA==

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 134ms
50ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d3029e680cfd4e101b07cf89c127633fb65cc6c9faa0561b2cb6e1df3d862e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:18:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 15:43:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 15:43:59 GMT

GET
H2 200 vendor.css
www.heart.org/dist/common/ 10 KB
3 KB 23ms
22ms Stylesheet
text/css 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heart.org/dist/common/vendor.css?v=1.28.2.32175
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: edd56323100ed16d2325864c682df0ec63d453c2279cb8d8bef04c5f98e8422c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:49 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 12:48:46 GMT
age: 9
etag: "0cb7cd9ea32d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 fra1-bit28, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-azure-ref: 0NVczYgAAAABprbbaUj8uT7vA8mlmKQsvTE9OMjFFREdFMDIxNQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2280
x-amz-cf-id: -IfTiarlvfilqB-RPBpuXExD5U0jNYiBYTgjT1TmRtPgYd_5rZyIyQ==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 app.css
www.heart.org/dist/common/ 815 KB
99 KB 14ms
13ms Stylesheet
text/css 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heart.org/dist/common/app.css?v=1.28.2.32175
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b426100b8c51f4d157fbcd4b61fdae21a556db6944e4422f827335f7fbed48ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:49 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 12:48:46 GMT
age: 9
etag: "0cb7cd9ea32d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-azure-ref: 0NVczYgAAAACVPcczDbPCSrLLz6w3HDt0TE9OMjFFREdFMDIxMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 101192
x-amz-cf-id: SO28LAjS2FS91DwbwjRMNq1JD_7DJI0QPYMMt_SGOFjnOOksdyXr1Q==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 VisitorIdentification.js Show response
www.heart.org/layouts/system/ 2 KB
1 KB 124ms
123ms Script
application/x-javascript 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heart.org/layouts/system/VisitorIdentification.js
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:58 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 17:15:00 GMT
x-amz-cf-pop: FRA50-C1
etag: "04243e1459ad51:0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
via: 1.1 fra1-bit28, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-azure-ref: 0PlczYgAAAADRR7FUIeh+TYdWE9qq+SJDTE9OMjFFREdFMDIxNQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
accept-ranges: bytes
content-length: 910
x-amz-cf-id: -ZopRSphSAaqhqrH8ozc7RjRpRWjmTSQzLqYKZWN68OIZ-RQB24p-A==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H/1.1 200
OK global.css
static.heart.org/ahaanywhere/sitecore/global/css/ 475 B
936 B 187ms
7ms Stylesheet
text/css 143.204.98.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.heart.org/ahaanywhere/sitecore/global/css/global.css?v=1.28.2.32175
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-78.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 700a200b1ace0d45b888da31288dd2c5a28303a41096c348fd07c4885afac9c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 22:14:44 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Last-Modified: Thu, 17 Dec 2020 22:21:56 GMT
Server: AmazonS3
Age: 64426
ETag: "a68405569a94ae7cd62f0277a20f11fa"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 475
X-Amz-Cf-Id: Jk3uHAqJ54xGDNi55XZ3q6szPh6-owy-83ECB5TCOyNagAP9WJROcQ==

GET
H2 200 CoveoFullSearch.css
static.cloud.coveo.com/searchui/v2.10081/css/ 495 KB
54 KB 89ms
10ms Stylesheet
text/css 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/searchui/v2.10081/css/CoveoFullSearch.css
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5f8625b59e3eaa335c35fcc9324d99981aab5ed1e338585ef13ccb793627f70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: oKUQ1q0vIByjOLRldeFwueFPFivePmLN
content-encoding: gzip
etag: W/"410e08bdafd7e7de691dc6c6f291a3a0"
age: 38721
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 11 Nov 2020 23:20:36 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 05:00:59 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: b8ag8-2ObGO3g9Xa-bJ6bPiw1Tqs3eAUmvWA-pgcxTaW87Kz2ZbgwA==

GET
H2 200 CoveoForSitecore.css
static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/css/ 3 KB
1 KB 89ms
10ms Stylesheet
text/css 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/css/CoveoForSitecore.css
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eeb11bd521b056e3353924df9585403d013b2ccca5122db56ae4272816bfc349

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: PwLu94LSn1yQxYnChByI_E.jxlsso0cq
content-encoding: gzip
etag: W/"cc29b982e891149cbcba84be767da325"
age: 38916
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 15:01:03 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 04:58:14 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vXgbE94a3Gp4WkTTIVYlby5_mpl4MU10o47dkjhvJQ1OQzRtHETfcg==

GET
H2 200 CoveoJsSearch.Lazy.min.js Show response
static.cloud.coveo.com/searchui/v2.10081/js/ 796 KB
221 KB 90ms
11ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/searchui/v2.10081/js/CoveoJsSearch.Lazy.min.js
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a47074a7b880e0fcbbe50992029e2571050f96d5e249d202edc38ca02a5fcbe2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SqlaYMkqCLBAf68ylUybKMwcRFfbq0Ys
content-encoding: gzip
etag: W/"5ed2d21e73e23c150a8b5598f3257b4b"
age: 51326
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 11 Nov 2020 23:20:12 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 01:29:20 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jURxriKtsi0Gx7ocFqkfEXvsIaTopN0P8KFxKZqOgop11OqrpLD7HQ==

GET
H2 200 CoveoForSitecore.Lazy.min.js Show response
static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/ 51 KB
11 KB 90ms
11ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/CoveoForSitecore.Lazy.min.js
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcc4d7b5d87c2cacfa9362308b326f65556b56f7ff33166c82d7640df27f1cfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Tr8rGN6rzEpv8VcR_Zw1ewug_o5R5zQa
content-encoding: gzip
etag: W/"6e32cddff608465a6d45320b1ea10a92"
age: 42221
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 15:01:05 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 04:33:50 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HRMSbRr9OXNfsaRCsnU-NyrWbNeBQtJdEoc_lYKcA9OYVEc6lFjmvA==

GET
H2 200 en.js Show response
static.cloud.coveo.com/searchui/v2.10081/js/cultures/ 70 KB
18 KB 90ms
11ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/searchui/v2.10081/js/cultures/en.js
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b59191854f38e66c426c080f420a7c81a818b9b86310f88748ef05ea4195a48f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 6mPhdw4r4i8LHgNp1S5q70kWEKRGFUKt
content-encoding: gzip
etag: W/"565d9854bdb5e344e4b6dec706ec6299"
age: 58232
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 11 Nov 2020 23:20:09 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 01:57:02 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LyQcPCIbWakArKONETg2kH0aiOUShitH785XMXZwiPdNcTRY9WySrQ==

GET
H2 200 AHA_icon.svg
www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Header/ 11 KB
12 KB 21ms
19ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Header/AHA_icon.svg?h=256&w=200&hash=27A6F1B73E457C1C6E045A3B0CA90225
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c946bcb1203faef37d9fbf13f68b277e1d9f346601cc32a764b2ecccc152e71b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:51 GMT
via: 1.1 fra1-bit28, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jun 2020 16:50:23 GMT
age: 8
etag: 8ec0a5d06ca5451e8666f3f7e22ebd31
x-azure-ref: 0N1czYgAAAAAPbXGK7137T40Dtqv0JSd0TE9OMjFFREdFMDIxNQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=596082
content-disposition: inline; filename="AHA_icon.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11532
x-amz-cf-id: V7yFcHZHXDIzQAvBM8Wr2TjeqhBSZ3VNNo4BdB3TyExPesYL6vegvQ==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 HONConduct517595_s.gif
www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/ 4 KB
4 KB 16ms
14ms Image
image/gif 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/HONConduct517595_s.gif?h=72&w=49&hash=26EBED6BDB6E71CCF41C668BC91AB30D
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6890fab1d52c1d4c6c40099619c2a67c2b87876e5c3556259bd9105b486fd939

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:50 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Tue, 21 May 2019 16:30:14 GMT
age: 8
etag: 11ff1935c7bd4838847805d59258fa09
x-azure-ref: 0N1czYgAAAADeSrgCD0mnQo96AtdUHw4xTE9OMjFFREdFMDIxOQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=597840
content-disposition: inline; filename="HONConduct517595_s.gif"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3731
x-amz-cf-id: MIfUZrY2_FSqodVaAP21k2ftZZUCqx3nKDg57GRFWqVdnpln4zWJWg==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 ahalogo.png
www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Two-Click/ 17 KB
18 KB 14ms
13ms Image
image/png 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Two-Click/ahalogo.png?h=165&w=280&hash=F84F6A38256F13EAF9F32E33BFD8ADD0
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2aac310d97170380ed7522403f291d7048f1af838c625008374c875430c4ffeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:50 GMT
via: 1.1 fra1-bit28, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jul 2018 23:30:26 GMT
age: 8
etag: 6504f0a61364429dbb4622221101c8f2
x-azure-ref: 0N1czYgAAAABbyNnaufy4Q5B8ff7zCzpATE9OMjFFREdFMDIxOQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=600104
content-disposition: inline; filename="ahalogo.png"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17732
x-amz-cf-id: oTZFExNE7-asv5DBvH_UGg12bqlfC7u8eX0bKCOjX8_q8GKoIc5_ow==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 vendor.bundle.js Show response
www.heart.org/dist/common/ 800 KB
298 KB 13ms
13ms Script
application/x-javascript 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c178ff2fb77fde559a764e85ecde59bb12019428fe48daa24e09296e2236b4e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 12:48:46 GMT
age: 7
etag: "0cb7cd9ea32d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-azure-ref: 0N1czYgAAAAA8jbf/V+7UQKU0racwGW0UTE9OMjFFREdFMDIxMQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: JJwZARe8Na8zMuWD1JQjgpglVUuPyJ8yN6V1IjLmGXzrRjERKsOH8Q==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 app.bundle.js Show response
www.heart.org/dist/common/ 426 KB
122 KB 17ms
16ms Script
application/x-javascript 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heart.org/dist/common/app.bundle.js?v=1.28.2.32175
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 39f68d60e8dd30360cffa3ec31431fbc814676df94bd2d5a3068f92733cd530a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 12:48:46 GMT
age: 8
etag: "0cb7cd9ea32d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-azure-ref: 0N1czYgAAAAAdTHB/aIwWTZnb6I4hjw8aTE9OMjFFREdFMDIxNgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 124646
x-amz-cf-id: coCFonPYGfeX0TnW7QXtZvjjgO2FP9leg4CQ99oUHPrAQVHjQ-UZwQ==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 ARMPCVPV Show response
cdn.fundraiseup.com/widget/ 162 KB
47 KB 132ms
89ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fundraiseup.com/widget/ARMPCVPV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4afac6d45cf228f8bb36270a57e33c331b0761ab40b4052cb3634ee488fcdc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
server: cloudflare
link: <https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js>; rel=preload; as=script, <https://static.fundraiseup.com/1.4b401683c097.sentry.js>; rel=preload; as=script, <https://static.fundraiseup.com/60deeceaf2bb.api.js>; rel=preload; as=script
etag: W/"2524819735"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d8eb0a259963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
75 KB 176ms
67ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRLD9XQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c212e843bdb3bee0e1543c19bccc591bfa0229b552ca8cf9800a8b7ff8a56f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76779
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 15:43:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
488 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.10081/css/CoveoFullSearch.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0157ef16f507de35a2b47f159c3686f13b7c6757d38d6e02a3062f93127b8f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.cloud.coveo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 14:29:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 15:43:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 15:43:59 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
31 KB 127ms
41ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heart.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:55:47 GMT
x-content-type-options: nosniff
age: 186492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 11:55:47 GMT

GET
H2 200 token Show response
www.heart.org/coveo/rest/ 350 B
920 B 117ms
117ms Fetch
application/json 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heart.org/coveo/rest/token
Requested by: Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/CoveoForSitecore.Lazy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b4fda80c057f0e0308ea829f9352768ef646298b4aedd875e36fbc497487e8c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:58 GMT
via: 1.1 fra1-bit28, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
cache-control: private
x-azure-ref: 0P1czYgAAAACjDmHBj1UBS5eTPLixMhY4TE9OMjFFREdFMDIxOQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
content-encoding: gzip
content-length: 475
x-amz-cf-id: XqdlrbB_Ht13kKziuP7zsbNY8c3Rgjv1AAQ331kG5uVJQY7O5IV0zg==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 search.svg
www.heart.org/-/media/Project/Common/glyphs/ 651 B
1 KB 11ms
11ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Project/Common/glyphs/search.svg?h=24&iar=0&mw=960&w=24&hash=7E164D3FB82E28F558461DC2B26FBA0A
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 24e0235323ec7b6fd5ade8b32b8a0798f10e3d6be5de7d7a18dfc9aedde6085b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:51 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Fri, 15 Nov 2019 17:53:07 GMT
age: 7
etag: 3b73e068c5584b76b5a4d5809a475277
x-azure-ref: 0N1czYgAAAADXvB/6acJrRoRtKlheDrzfTE9OMjFFREdFMDIxMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=588782
content-disposition: inline; filename="search.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 651
x-amz-cf-id: cM7bJar2yv7l8jDNvQVVB5khkEPDKhu7sldjDdaD9bVcOGO_O8XcNg==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 2.678514a0cd01.vendors~sentry.js Show response
static.fundraiseup.com/ 91 KB
26 KB 36ms
26ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e7bea15090230d6990b532739ca0437a5b5433333513a6a2a7968184b001008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1489049
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VKFT018PXS9BGWCX
x-amz-id-2: jgLUrdsvlM+sBecZp3qSTpKhzyql66vOW1zR5+eaGx0C4MfBWryucqSyJD8Q//nAzqThzQww6dk=
last-modified: Mon, 28 Feb 2022 07:40:42 GMT
server: cloudflare
etag: W/"9175bd903d84092237a5e470664f948c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ebdba39963-FRA

GET
H2 200 1.4b401683c097.sentry.js Show response
static.fundraiseup.com/ 1 KB
865 B 34ms
25ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1.4b401683c097.sentry.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

225b015805bba46da83b81f808d5e0db7292f5f5f903c62a882d29461452bd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 101860
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VD4RP8Y2JQAZDX8X
x-amz-id-2: oEsygRuR/MxeiSODafUXzhJR4a4dcyFLQHRJPNyo15kRzZeGPhpfDRhNAKBY/U69hkbC1BMvfz0=
last-modified: Wed, 16 Mar 2022 11:13:45 GMT
server: cloudflare
etag: W/"f1f986d27e3b4a568fa7e7160cd8e403"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ebdba59963-FRA

GET
H2 200 60deeceaf2bb.api.js Show response
static.fundraiseup.com/ 380 KB
118 KB 43ms
34ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/60deeceaf2bb.api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4f92145485f3e51fa99780a20c21067ad17b9c62fe7ae41f531eb3a2bc7b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 19563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: X71F1T2QY39ER7EV
x-amz-id-2: GnNDdwoC4a+j66hqfWuZfCsz9DkbwgN4IRGivpEXpIwFyKtoe05SBu7u81doCidKZhNdlkqkRfQ=
last-modified: Thu, 17 Mar 2022 10:05:21 GMT
server: cloudflare
etag: W/"979760567109ea9fa480e17473bbf9c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ebdba29963-FRA

GET
H2 200 twitter-gray.svg
www.heart.org/-/media/Feature/Navigation/Social/ 3 KB
3 KB 12ms
11ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Feature/Navigation/Social/twitter-gray.svg?h=52&iar=0&mw=960&w=52&hash=F62CADED1F2898E8EE0F8950C8E7C178
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d15ab44c364eccd372ba231b62cf944254cbc478e82fbfe07bdc91ff6ae8b1b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:52 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jan 2022 20:40:01 GMT
age: 7
etag: 116f6afeec254e4888861b776af6c749
x-azure-ref: 0OFczYgAAAADv1FmRCI5VQ7RPQU6BDSStTE9OMjFFREdFMDIxMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=600111
content-disposition: inline; filename="twitter gray.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2733
x-amz-cf-id: l0M4BCNWSfYAmQ0lHzpfqcmteYoWSznl-Mc_BPmbv-KKczfZmRxyIA==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 facebook-gray.svg
www.heart.org/-/media/Feature/Navigation/Social/ 2 KB
2 KB 16ms
15ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Feature/Navigation/Social/facebook-gray.svg?h=52&iar=0&mw=960&w=52&hash=33465ADC41884841750228F71D10B2B4
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: eefdd22a28ed95e3c9e641c9cd2e362e1af779250df166a23c3f0f1e0b1f89e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:51 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 18:27:04 GMT
age: 7
etag: f48fab8f64e442838448729ad24973a8
x-azure-ref: 0OFczYgAAAAB3aNGRWDCbRIO/kjLRdWzlTE9OMjFFREdFMDIxNgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=603159
content-disposition: inline; filename="facebook gray.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1898
x-amz-cf-id: 8Abbq9g0uwE_1KqvwxjW6PUh88IOgH-0KXI5XRGiS5LGyLzWznZN-Q==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 instagram-gray.svg
www.heart.org/-/media/Feature/Navigation/Social/ 3 KB
4 KB 14ms
13ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Feature/Navigation/Social/instagram-gray.svg?h=52&iar=0&mw=960&w=52&hash=97FB156508DB9D7E1B4078CC66612140
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f524e504fce6cb5cf80547360264dc3f23e76d5b4a4529207e2c5b39a877c652

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:51 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 18:28:11 GMT
age: 7
etag: e20efaf84e3043ac87f21bdb49bfeb20
x-azure-ref: 0OFczYgAAAADebBl9isVER6A5fXpMQco6TE9OMjFFREdFMDIyMQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=594032
content-disposition: inline; filename="instagram gray.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3442
x-amz-cf-id: lsdFpGoBYL1F5fu4vm6pqholUNqpw9qy-nWxsohfaLR9mo38PRBYGw==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 youtube-gray.svg
www.heart.org/-/media/Feature/Navigation/Social/ 3 KB
3 KB 15ms
14ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Feature/Navigation/Social/youtube-gray.svg?h=52&iar=0&mw=960&w=52&hash=F527E6110617B9C45AE48599E6978ECC
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2e9dddca45003db055a2e790b13c641e06ab6d4a6915ea7b22f4341fe753163e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:54 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 18:30:40 GMT
age: 5
etag: 1d6f1d68a1fa4d51a9f1933d96c69f01
x-azure-ref: 0OlczYgAAAADE6DF2/q71SYXAusnSKjFsTE9OMjFFREdFMTUwOQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=604410
content-disposition: inline; filename="youtube gray.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2560
x-amz-cf-id: ceppuJfFCMWU-NnMGakYYomS8_hUFtDyBddnK8uQ_yjKXD_ftksiKQ==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 pinterest-gray.svg
www.heart.org/-/media/Feature/Navigation/Social/ 3 KB
3 KB 15ms
14ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Feature/Navigation/Social/pinterest-gray.svg?h=52&iar=0&mw=960&w=52&hash=56E0F9174853E59F7211DBE1E6D3E0D4
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: edef4fe657f8b9782572d52cd13c1ac7089be4352523ed1c7c7cdd455792f822

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:54 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 18:29:25 GMT
age: 5
etag: 7a9075d0778149dba32dcac9216a3ad9
x-azure-ref: 0OlczYgAAAAAcgZ+vEIAeS52MQPZncD1+TE9OMjFFREdFMDIxMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=594980
content-disposition: inline; filename="pinterest gray.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3016
x-amz-cf-id: 9gyuxoLj2YjgW11GnK2rG8RJm1L7wBxbllRrq_FiiOdtraUKB3-6og==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 linkedin-gray.svg
www.heart.org/-/media/Feature/Navigation/Social/ 2 KB
3 KB 12ms
12ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Feature/Navigation/Social/linkedin-gray.svg?h=52&iar=0&mw=960&w=52&hash=C5DB01D669B2BAF0A1E09AC5E024EB72
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ebb832a9559de76a7d620bd1d51c10bc6521431848893abea058bc5d32f1cd31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:54 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 18:28:46 GMT
age: 5
etag: 25ecaf6c317e441c9a51374afd5979b8
x-azure-ref: 0OlczYgAAAABeikrQ7z8AT5L9oRd/IvpMTE9OMjFFREdFMDIxMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=603171
content-disposition: inline; filename="linkedin gray.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2295
x-amz-cf-id: ZclU2Fb00jkP66gUEWRa6cqbO-imC4epxyY3wZWq58WmQ8dXQ0Y63Q==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 DR_March_wtg_overlaphero.jpg
www.heart.org/-/media/Direct-Response-Images/March-2022/ 68 KB
69 KB 11ms
11ms Image
image/jpeg 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Direct-Response-Images/March-2022/DR_March_wtg_overlaphero.jpg?h=533&iar=0&mw=1140&w=890&hash=D12A0A6CFD82DD158E6E59E4C6722F7E
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e0a8af2d1bce0aea705915e58823c16579b3c9766c00edbdea98e61e05515eeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:51 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 13:48:59 GMT
age: 7
etag: 18bab3a8b47d4260b9bfb0a4e3c08641
x-azure-ref: 0OFczYgAAAADpPFKSO5b1RL2CmW6J3kPaTE9OMjFFREdFMDIxNgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=373747
content-disposition: inline; filename="DR_March_wtg_overlaphero.jpg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 69609
x-amz-cf-id: iDVK3FhDK0TgwXQ0ogIsPFhOsmEQ3xXka8Y9pnqixtCjQ_ml4u0MMw==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 AHA_Full.svg
www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Header/ 27 KB
27 KB 12ms
11ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Header/AHA_Full.svg?h=256&iar=0&mw=960&w=426&hash=0DABA00FF5BAFEF13579E5C0CC322FA1
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c5020ca534ae8bf5ab0a13f8733a99563e639e600a1669f426ce11d5c3023607

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:52 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 04 Aug 2021 14:10:24 GMT
age: 7
etag: 30eadd0958e54fd8a4d1fd8670dfd865
x-azure-ref: 0OFczYgAAAADnSLO/5ZigSYIDqpBSteRLTE9OMjFFREdFMTUwOQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=594040
content-disposition: inline; filename="AHA_Full.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 27249
x-amz-cf-id: x-gBLD7_eRHEzgaAzG_5cyzvEvWwI4AHV1OzEYJq1W0zvq4KB7f6Ww==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 Tiktok_grey.png
www.heart.org/-/media/Feature/Social/ 686 B
1 KB 11ms
10ms Image
image/png 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Feature/Social/Tiktok_grey.png?h=52&iar=0&mw=960&w=52&hash=2C6B9CE30538A91433C446B26D44E360
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b418bd211959f9bef97c58f329c935e4a0da4fc963b1fe8b8a9dd0a4cf68a923

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:53 GMT
via: 1.1 fra1-bit28, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jan 2022 17:04:36 GMT
age: 5
etag: a994fdcbe9fe48d4999209e10442d855
x-azure-ref: 0OVczYgAAAABepsnY8WgHTJq5XqLCjpfiTE9OMjFFREdFMDIxNQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=580389
content-disposition: inline; filename="Tiktok_grey.png"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 686
x-amz-cf-id: eyjxIsNviBeKhyjRcQpEH97SZKMj4k4PRDq5t-5GyuVHpOlH6lgJQA==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 nhc_optimized.png
www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/ 3 KB
4 KB 19ms
18ms Image
image/png 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/nhc_optimized.png?h=50&iar=0&mw=960&w=49&hash=A5011B2251C776E7437E64E2B0A786D7
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ccbc17f385961a51b9c36da52a5fe73602d83ae764b7c95982140d305fa6c986

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:54 GMT
via: 1.1 fra1-bit28, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jun 2018 14:43:37 GMT
age: 5
etag: 05196131050e4f7dbc0cdc5686d5fe82
x-azure-ref: 0OlczYgAAAABdrHwXZ+RtSKeAfBwM7nL/TE9OMjFFREdFMDIxOQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=601904
content-disposition: inline; filename="nhc_optimized.png"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3407
x-amz-cf-id: Azi23NX_SOxi76tliPY--4FfbENcrFHUsmuZo-zWv-CkaqCb0sno0g==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 bbb_100px.png
www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/ 11 KB
12 KB 11ms
10ms Image
image/png 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/bbb_100px.png?h=50&iar=0&mw=960&w=31&hash=0E762D14C3D4A88FB3F216EF91B46246
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4ffc621fbaae854cb378753b4cc95a7d670ef67e6ed37dea4ddfe1c53f3feab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:53 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jun 2018 14:41:20 GMT
age: 5
etag: 17f706659a7141df9caad37195d2a813
x-azure-ref: 0OlczYgAAAAAcZZ0002G4So4m94YNg7QBTE9OMjFFREdFMDIxMQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=601903
content-disposition: inline; filename="bbb_100px.png"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11530
x-amz-cf-id: D-HYDt9cNt8_eatpBkv_78-n1v_EtolTj2PrJVRdZgW3Zazb2D7Odg==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 Charity-Navigator.png
www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/ 21 KB
21 KB 12ms
11ms Image
image/png 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/Charity-Navigator.png?h=50&iar=0&mw=960&w=100&hash=2097D847A9074176B7F64718A16325F2
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4f6f06de09e81fb1d8c1dfd1e80897627094415c402ea79cd5bfa501b692ff64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:54 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jun 2018 15:44:15 GMT
age: 5
etag: 321dc12af0cd4e18b6c7a63701fcb1cd
x-azure-ref: 0OlczYgAAAABEOMBuFo/VS7HVkz2ktpZETE9OMjFFREdFMDIxNgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604742
content-disposition: inline; filename="Charity Navigator.png"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21123
x-amz-cf-id: WXkNm5fmG7pxbNu3w2_LE2heehmjRjcoeUHgiyVLE8tRqmIHe7ACOw==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 ComodoSSLSecureSeal.png
www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/ 3 KB
4 KB 12ms
12ms Image
image/png 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Images/Logos/Global-Do-No-Edit/Footer/ComodoSSLSecureSeal.png?h=50&iar=0&mw=960&w=76&hash=01F6E3635220B7BB54CF7531FDA5B046
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/vendor.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4deae550f590f3cc3882793557495b94eb2a20e5614bd020063670f3a053c5e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:53 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 19:10:27 GMT
age: 5
etag: b3ff50f1ef344ea0ae41f6ddeb7750cb
x-azure-ref: 0OlczYgAAAABPmGjijZNDTaek8Xx9RXGtTE9OMjFFREdFMDIyMQBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=603724
content-disposition: inline; filename="ComodoSSLSecureSeal.png"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3193
x-amz-cf-id: rs76s_oVDlGLWAc4poYk3kFToQfITPYzYrwkdrT936ngt-xhirExog==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 aha-icon-font.ttf
www.heart.org/dist/common/assets/fonts/ 3 KB
3 KB 8ms
8ms Font
application/octet-stream 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heart.org/dist/common/assets/fonts/aha-icon-font.ttf
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/app.css?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b81cca9f8e85db6ea1ee1c5c3115ce2dc3b52afb4bb6ea6eb06cdb8d8d315170

Request headers

Referer: https://www.heart.org/dist/common/app.css?v=1.28.2.32175
Origin: https://www.heart.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:43:08 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Thu, 10 Mar 2022 19:54:36 GMT
age: 68450
etag: "c43b5eabb834d81:0"
x-azure-ref: 03UsyYgAAAABz/o1irTqPRqmnimpNYXCwTE9OMjFFREdFMDIyMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: application/octet-stream
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3032
x-amz-cf-id: L0IN-1Dtu6uqpNVrj8n82rxy1DrnUnfGpD0fjx-AS3AtD7Pm5SFQVQ==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 search.svg
www.heart.org/-/media/Project/Common/glyphs/ 651 B
1 KB 13ms
13ms Image
image/svg+xml 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Project/Common/glyphs/search.svg?h=24&w=24&hash=2B7D80E138A48359BB67F2A29F7B330A
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 24e0235323ec7b6fd5ade8b32b8a0798f10e3d6be5de7d7a18dfc9aedde6085b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:51 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Fri, 15 Nov 2019 17:53:07 GMT
age: 7
etag: 3b73e068c5584b76b5a4d5809a475277
x-azure-ref: 0N1czYgAAAADXvB/6acJrRoRtKlheDrzfTE9OMjFFREdFMDIxMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=588782
content-disposition: inline; filename="search.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 651
x-amz-cf-id: vwIvMtG8WUX-itrhwwMq-PxyKareBJl_ef4j4I7531ThATY9iVugyg==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

GET
H2 200 external.min.js Show response
secure.rating-widget.com/js/ 115 KB
34 KB 254ms
204ms Script
text/javascript 2606:4700:3031::ac43:990b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.rating-widget.com/js/external.min.js?ck=Y2022M2D17
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:990b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319cfe60bbe92497d3ad526fb4b252ed14f9f3e64e7493712382fba2ac21d97f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 28 May 2018 10:01:00 UTC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxTBfu3PRuVdkEBYhxEQhX0mJhpvjrbOUH9isZ7ncBcIkVk7QzdYuR8wyyIL8FTDmUr%2FlEkkNWud41ZL%2FZu2Wvm52aJVGK3lrhBs%2FXvM7os%2Fim9eTSB2yIoj%2Fv1M8UwqB7CE6YVYamz%2Fg4Lho%2FNWwlfDscSFKic%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed6d8ee4fcc9b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 May 2019 10:01:00 GMT

POST
H2 200 resolve Show response
api.fundraiseup.com/widget/v4/ 495 B
541 B 114ms
98ms XHR
application/json 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/widget/v4/resolve?key=ARMPCVPV&livemode=true

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ARMPCVPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6869bcc3ec0bf6433e0000ff41c403f35673e79eeafb555b24c9f67ec33ccd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, x-xsrf-token
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.heart.org
access-control-max-age: 86400
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d8eea8229963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 resolve Show response
api.fundraiseup.com/widget/v4/ 10 KB
2 KB 126ms
116ms XHR
application/json 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/widget/v4/resolve?key=ARMPCVPV&livemode=true

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ARMPCVPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4281fdde1af810498e055fbc85b41ee02cfe2d9d33bf090e111c094f43978de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, x-xsrf-token
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.heart.org
access-control-max-age: 86400
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d8eea81e9963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4812cf4a078168d4a1338dc71eeb59def7a0699ac3535d3f6016e79832a054a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 checkout Show response
api.fundraiseup.com/ 7 KB
3 KB 375ms
372ms XHR
application/json 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/checkout?key=ARMPCVPV&livemode=true

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ARMPCVPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d97a284a814cdef1e74960ff7ee54f2009c58c26c76e6adb19f0b190b741d91e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 50ms
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heart.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self' fundraiseup.com
cf-ray: 6ed6d8eea8219963-FRA
expires: 0

POST
H2 200 / Show response
sentry.fundraiseup.com/api/2/envelope/ 2 B
160 B 300ms
96ms Fetch
application/json 147.135.78.45
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.fundraiseup.com/api/2/envelope/?sentry_key=cb0af19166ad4bdeb8c3efc4848d6635&sentry_version=7
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.78.45 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Caddy, nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.heart.org
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
server: Caddy, nginx
date: Thu, 17 Mar 2022 15:44:00 GMT
content-length: 2
vary: Origin
content-type: application/json

GET
H3 200 2.490c577698a7.vendors~bootvue~checkoutForm~p2p-new-form~showcaseform~widgetgui.js Show response
static.fundraiseup.com/ 28 KB
10 KB 75ms
56ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2.490c577698a7.vendors~bootvue~checkoutForm~p2p-new-form~showcaseform~widgetgui.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99928e1d5c4f74371f9fc7b7456413620a6e9bef1d1cadd7ba623ae2a479c711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AG213S0W588KMMR3
x-amz-id-2: FxM0oNEBDY5DZ0Yejzyn1JDrpwRLDx+bZKrl2DJVrdYvrB4rrPhw/jSfF0K0M6yE3ISX0DbtJrc=
last-modified: Thu, 17 Mar 2022 07:55:03 GMT
server: cloudflare
etag: W/"de6d843def566a081c012fc2adb6961b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ef88f4906d-FRA

GET
H3 200 4.1dc89953948b.vendors~bootvue~checkoutForm~showcaseform~widgetgui.js Show response
static.fundraiseup.com/ 39 KB
12 KB 42ms
23ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4.1dc89953948b.vendors~bootvue~checkoutForm~showcaseform~widgetgui.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fce8b205adf39e81fb11c6e324fd31228c860770b118744e3267b46f6dd6791

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AG2CHVB9S1Q0F3HF
x-amz-id-2: 2+uIr8mJhdRi/im0mS7KMCN0bfilIrjVxmI9gmNLdyY0p2UJ6sQqPTi7Ghz0u5ZAR4m75YWFj5Y=
last-modified: Thu, 17 Mar 2022 07:55:08 GMT
server: cloudflare
etag: W/"989654d711ba81afdf8f577d403bae26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ef88f2906d-FRA

GET
H3 200 3.bd62720df09c.bootvue~checkoutForm~showcaseform~widgetgui.js Show response
static.fundraiseup.com/ 78 KB
22 KB 76ms
57ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3.bd62720df09c.bootvue~checkoutForm~showcaseform~widgetgui.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2318a35f3a5066567bcd97cdd395879d38ee50094f7b257628828c22017aad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AG254XSRY9YPDXF3
x-amz-id-2: l9afPIrgNMY/itFPS3yyks4lhWSOMjkJ8XiZTj2/6ayT7anPPbUXpsew+JSzyumbjB6jMIQ5qu4=
last-modified: Thu, 17 Mar 2022 07:55:06 GMT
server: cloudflare
etag: W/"1f78a1d202fed76a37945d10625fef78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ef88f6906d-FRA

GET
H3 200 6.2478de24c17a.checkoutForm~debug-panel~showcaseform.js Show response
static.fundraiseup.com/ 25 KB
6 KB 59ms
40ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6.2478de24c17a.checkoutForm~debug-panel~showcaseform.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38e831272f5b7c4436af23dd41ec2ccd2de5d41a4fa79665ac7f85aa541b4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AG2A4XWRWA8H00Q3
x-amz-id-2: QOC1J/twe/7xOxcyxUVcAi4z4Ogt9dqpGeznlCpjUTaPqB5hDuQD/sLZsFPWtrnbaB1eg3IzO3s=
last-modified: Thu, 17 Mar 2022 07:55:09 GMT
server: cloudflare
etag: W/"b1632e1c986357139b6762ba379310e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ef88fa906d-FRA

GET
H3 200 69.25843d6b84fb.checkoutForm.js Show response
static.fundraiseup.com/ 61 KB
17 KB 76ms
58ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/69.25843d6b84fb.checkoutForm.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b0e4fb8ab5722c00b34ab835d4beb230190be74c92a9aa757db4095535184fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AG2C5145YQAEBTJN
x-amz-id-2: dPqOpL6l1xuhQ+EoBiai1TrCrkkgeWgJopYXHAJo4PgWksG7t+XCTNALX69GhDIl4ATM9iKrolg=
last-modified: Thu, 17 Mar 2022 07:55:09 GMT
server: cloudflare
etag: W/"ec2a47a0958fed60bd6f6b46867ee341"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ef88fb906d-FRA

GET
H3 200 8.aaa1e3d7087d.vendors~p2p-new-form~top-fundraisers~widgetgui.js Show response
static.fundraiseup.com/ 16 KB
6 KB 93ms
75ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8.aaa1e3d7087d.vendors~p2p-new-form~top-fundraisers~widgetgui.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ef62155c90bce76e8ad6235e7a8d1ec1fc121bb7f81a1df43e9d6c6b14c2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AG2APK9HEHCBTKGQ
x-amz-id-2: MKdWP68qDeOgr3FTG/xzdR+MFF3rq+TI7T5PbX0QU1Boi2ca0+ph6BIQ8vUoNaOcuo1gShssdvI=
last-modified: Thu, 17 Mar 2022 07:55:10 GMT
server: cloudflare
etag: W/"c8af6a6547b8064d3a42f7358f081294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ef88ff906d-FRA

GET
H3 200 366.4b1cca36f9e5.widgetgui.js Show response
static.fundraiseup.com/ 869 KB
149 KB 59ms
41ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/366.4b1cca36f9e5.widgetgui.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d998cf2b521a653733947733d0a034b11847eb0f321b81674e5d11ea2997cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AG25BR2F8ZW6X28F
x-amz-id-2: s+hHBUhkJj3GtX3NCbmdNCA8/hHk9FxodFKfgg/mhe0uG6k6xRolganRJJUGSt63Gkz4aDsZ3TA=
last-modified: Thu, 17 Mar 2022 07:55:08 GMT
server: cloudflare
etag: W/"b88ebe423aa7928d888394c0add769fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8ef8901906d-FRA

GET
H2 200 Searchbox.min__4da234f0fccb61abb03c.js Show response
static.cloud.coveo.com/searchui/v2.10081/js/ 97 KB
22 KB 9ms
8ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/searchui/v2.10081/js/Searchbox.min__4da234f0fccb61abb03c.js
Requested by: Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.10081/js/CoveoJsSearch.Lazy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1bdd65a5e3e7a05bfa5a414b2b19afe377a2845d8e78e34e6db65601ce47888

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: u_M4VXDcn1xS6eV62xdQacZoM4dWNevK
content-encoding: gzip
etag: W/"85ffb48432e95e5167ec632585cd7974"
age: 72193
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 11 Nov 2020 23:20:15 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 04:33:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OtQdhTOXOdzzyuWL_bfIbEh3c4bjJRmgFO3dTuzKsqUqWmR5nEYOGg==

GET
H2 200 CoveoForSitecoreConfigureSearchHub.min.js Show response
static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/ 1 KB
1 KB 9ms
8ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/CoveoForSitecoreConfigureSearchHub.min.js
Requested by: Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/CoveoForSitecore.Lazy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3adfaa9910b7ffe1cdade00c342d2593833e7cefd9093ce3b5eb5dca8cb59345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: RAdJsi.vPhtBklLXciOgcvHl51V1OyDA
content-encoding: gzip
etag: W/"4690e5811a9f396364b67a3aff84eaa8"
age: 48906
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 15:01:05 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 02:08:54 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Njbu-p_b694pvgAfiUCFYzdR2ajpkXjskg-8BT_L-rFSTBNqxhoNig==

GET
H2 200 CoveoForSitecoreBindWithUserContext.min.js Show response
static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/ 1 KB
1 KB 9ms
8ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/CoveoForSitecoreBindWithUserContext.min.js
Requested by: Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/CoveoForSitecore.Lazy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8f8a0186f3ef43fe514579317e1f9627d49c83bddc93c78a948a62c78eccf6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: g56BtpsPERT0t0wI3qTbe7_9iAdksVoI
content-encoding: gzip
etag: W/"d63534fc2966544b2c54d20d1fa022dc"
age: 39321
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 15:01:05 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 04:48:39 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _Uhp-ipWHSjechFeRwfWwZqUMyEOSHG7LG9-AcPHy7C--PncQmzZQQ==

GET
H2 200 CoveoForSitecoreExpressions.min.js Show response
static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/ 2 KB
1 KB 9ms
9ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/CoveoForSitecoreExpressions.min.js
Requested by: Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.51.5/js/CoveoForSitecore.Lazy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23bfcecbdebbd0141036e613fd3677defae7d220f3da99692023d8915b738540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 73sdPDh5RxOM3O_2CqLZ5lUiEYL4J_4Q
content-encoding: gzip
etag: W/"379377ff228e5fb54429e147121e454e"
age: 40141
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 15:01:05 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 04:34:59 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mbJsRo-QLWLtFCdZ4ghoMw-c0sDXdmSI4VsYuLHTliOeeQSjOwN4lg==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 154ms
67ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRLD9XQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14889
x-xss-protection: 0
server: cafe
etag: 11178597599353190569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H2 200 hotjar-1023445.js Show response
static.hotjar.com/c/ 10 KB
3 KB 27ms
9ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1023445.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRLD9XQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-76.fra50.r.cloudfront.net

Software

Resource Hash

b9d36ec6b9214052857b2503e21e25b658bf4689cf9f89ebf512442ff6aab12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 23
etag: W/275c0eaafd3d8d4656a673b2c51d510f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: C6Qi0Tt-LYW3OefVRbuEO9i8A3lKmS4xmKMVjswzI76BzLrjpYONLQ==
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
86 KB 118ms
71ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5F7TTVL&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRLD9XQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14e061144f70007a1a44afca7d506b913e710e9054ff6a01beb1dc70d06310f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88488
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: GB33SQnpGSNPvZpl+RYW3+fDYkVKy4nE/nCp1A/7ah7IkV6A9ziOCyvZtv6+DkLDG7FHkNk+cL6ueJKiS8p5mw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 17 Mar 2022 15:43:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 64ms
9ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:44:00 GMT
Content-Encoding: gzip
Age: 35562
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21980-LGA, cache-hhn4031-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1647531840.012652,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 2, 12430

GET
H2 200 45269291.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 38ms
6ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/45269291.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRLD9XQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: gzip
fastly-original-body-size: 5579
age: 152933
x-cache: HIT
content-length: 5579
x-served-by: cache-fra19175-FRA
x-vimeo-dc: ge
last-modified: Tue, 15 Mar 2022 20:12:27 GMT
server: Apache
x-timer: S1647531840.989622,VS0,VE0
etag: "421e-5da476a72e0c0-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 12 Mar 2032 21:15:07 GMT
cache-control: max-age=86400
x-bapp-server: assets-v9132-5zbpp
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14152

GET
H3 200 0.fa4ef3f2f13b.button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~floating-~7cdfe9a2.js Show response
static.fundraiseup.com/ 32 KB
7 KB 51ms
51ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/0.fa4ef3f2f13b.button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~floating-~7cdfe9a2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ce28c2ad8ff746f41d1cc737e9ab6fc2682513a426fe527d46748969202965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AG23DDNAB0C8FQPG
x-amz-id-2: uMrrabs6lnjV2TVdlgtFcUdtTyt3lNSXkduPfCVSXkWPfaEhoxP3DUYW3qti7goGP6hEwkgSgZU=
last-modified: Thu, 17 Mar 2022 07:54:59 GMT
server: cloudflare
etag: W/"2aef093e7cb97848667cf2f694324500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8efe95d906d-FRA

GET
H3 200 350.9290cc71ac8d.text-link-v2.js Show response
static.fundraiseup.com/ 9 KB
4 KB 51ms
51ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/350.9290cc71ac8d.text-link-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0d8411c34a87412af2c0d12b14f405edcb333b02fba4f38a80e49f86c3fc90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 27213
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CRVP3A6FDHPSNWN0
x-amz-id-2: ldN6WsG5VvBCvYal5G+VwNBfRkPHxTB5hAApWDeb+z7uHRbcjuJ0nHl952DgEhocia5ZwlwMldQ=
last-modified: Thu, 17 Mar 2022 07:55:07 GMT
server: cloudflare
etag: W/"ffb225f301b6618be8e374c7579fefdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8efe960906d-FRA

GET
H3 200 331.4a957cec556f.p2p-link-v2.js Show response
static.fundraiseup.com/ 4 KB
2 KB 51ms
51ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/331.4a957cec556f.p2p-link-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9631a353547453d16083040fe145d370daff2a2eb192db6a2db6d6576bdfb2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:43:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 12542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5MDH6NEWDYTB42CG
x-amz-id-2: JkoAB00yLGDhCtML/VheX2l/yOA9qXQkX51d+L9R3V0BhDOjo55HJBf1yyzx6BgXk3wJOfqNl8M=
last-modified: Thu, 17 Mar 2022 10:05:19 GMT
server: cloudflare
etag: W/"a98d54efdcd113c2b00549b4e4a3fc71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8efe961906d-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRLD9XQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5954
date: Thu, 17 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 16:04:46 GMT

GET
H3 200 736154100088324 Show response
connect.facebook.net/signals/config/ 309 KB
88 KB 80ms
66ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/736154100088324?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b33226b475d8b19048982f2f251177c60f5aaa253514298d7978c9e865c58f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ndYivqGATeyD/oDQG8QQxwQPQyyG5cSm8k+svKhzLm0KvjiCZCAD1JMCm6DbTTrgEqTInMnnsD5MbTdqCKmaOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 15:44:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 26ms
8ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1023445.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628914
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NVzwGgYEzfM8lGG9tPeFrngREsnSn5nEpE1GZDgWaWTPxtGCG6B5sg==

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
351 B 65ms
13ms Image
image/gif 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=5bca87a2-d308-48ff-bf80-dc2373b5a3a5&it=1647531839431&v=0.0.20&u=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&st=1647531839430&et=1647531839431&if=0
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:44:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame CAEE 2 KB
1 KB 31ms
8ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1023445.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mgS-xX4FECHm8qeTX15HJ9SBvPBa7xTek5x-uOhpGR_L2MdDw_iyMg==
age: 3567114

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12551341-7&cid=511734531.1647531839&jid=677251817&gjid=2117884690&_gid=18302485.1647531839&_u=YGBAgUABAAAAAE~&z=30750127

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 15:44:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.heart.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 86ms
38ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1607492480&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&dr=%2F&dp=%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&ul=en-us&de=UTF-8&dt=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=677251817&gjid=2117884690&cid=511734531.1647531839&tid=UA-12551341-7&_gid=18302485.1647531839&gtm=2wg3e0PRLD9XQ&cg1=heart%20-%20Landing%20Page%20B&cd6=86&cd7=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&cd8=&cd9=&cd10=GA%20-%20Pageview%20-%20Core%20Pageview%20-%20All%20Pages&cd36=GTM-PRLD9XQ&cd45=heart%20-%20Landing%20Page%20B&cd46=511734531.1647531839&z=1463091262

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 11:30:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15233
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 12.c7f9c7040430.vendors~bootvue~p2p-new-form.js Show response
static.fundraiseup.com/ 65 KB
19 KB 24ms
23ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/12.c7f9c7040430.vendors~bootvue~p2p-new-form.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a1048e00b84eb37f0a3205324b1a69830cfa5b1a6d6070bdf41426ce9fd980e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18718
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SJY0YENA82KAY6Z7
x-amz-id-2: 9SQ9FcJaMupHyqItQY6uReZkimN3kNbvRCTazvV2QTSaQNyRuIMNvw5TvGSmfUxiP7Cw62WqeWU=
last-modified: Thu, 17 Mar 2022 10:05:12 GMT
server: cloudflare
etag: W/"b3407f9862884bf0abad5706e4b2416c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8f12b61906d-FRA

GET
H3 200 67.299e5b7fac33.bootvue.js Show response
static.fundraiseup.com/ 28 KB
9 KB 24ms
23ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/67.299e5b7fac33.bootvue.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d60732878bf0a08be5ce4a4f246b1b6971cecc0b2d6863da2875171519ea20e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 25712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: P9F5XFCWPKZAMJ8D
x-amz-id-2: bmBT7xn9rXQW+B2zW/zraKdMD0TeB9U37SqQkzj8u4cxS/27gROikx//IVYZDgWjDFASeREt5PY=
last-modified: Thu, 17 Mar 2022 07:55:09 GMT
server: cloudflare
etag: W/"ea2b68b3efac0a124350cd052da07d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8f12b63906d-FRA

GET
H3 200 362.409d0dabeae7.widget-locale2.js Show response
static.fundraiseup.com/ 35 KB
11 KB 22ms
21ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/362.409d0dabeae7.widget-locale2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c62fec6ec9425cf3d4314133659cbf2ab216df55899c7759298af56aa237060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 101540
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 99RG5365VBPTQEFV
x-amz-id-2: nPAeTe8D2XOC4IVurI5loNC1ToSCRSjzhM8GUNH4ICyMwa1MZi0Zs6Z83qmif2K6yaYN7KxWU04=
last-modified: Wed, 16 Mar 2022 11:13:54 GMT
server: cloudflare
etag: W/"c228f2e22fb15068e32d4e32dd5ed5d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8f12b65906d-FRA

GET
H2 200 /
ucarecdn.com/3c7e64a3-80f4-4e83-860e-51908c0e8e39/-/resize/x50/-/format/auto/ 5 KB
5 KB 384ms
335ms Image
image/webp 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/3c7e64a3-80f4-4e83-860e-51908c0e8e39/-/resize/x50/-/format/auto/
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60e0a9a69b50284a34bd89b6427f5b75385d64e391ed2a163d6f9a540c83b7ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
x-image-width: 414
server: nginx
content-disposition: inline
etag: "ad9a135e757fadad9138b65767923d7a"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=28704379
x-image-height: 50
content-length: 4942

GET
H2 200 /
ucarecdn.com/c7c29c95-1a3c-419b-9f69-506bd0573ee2/-/resize/470x/-/format/auto/ 20 KB
21 KB 384ms
336ms Image
image/webp 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/c7c29c95-1a3c-419b-9f69-506bd0573ee2/-/resize/470x/-/format/auto/
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b47be035ba2ab26942ad5decf492272affc97feb3d511a8e41a0e9a6ad5bf6b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
x-image-width: 470
server: nginx
content-disposition: inline
etag: "44dc163b47c195118cf22914acf7aaa6"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=30079580
x-image-height: 264
content-length: 20836

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/ 3 KB
1 KB 138ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/?random=1647531839541&cv=9&fst=1647531839541&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

256e5293ce6f7878cfeffa03b1e7a6b9231120f9cf56b5688f2f8415bb5d0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1187
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1716007538720452 Show response
connect.facebook.net/signals/config/ 310 KB
88 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1716007538720452?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6e7d3e0ecd7a88ce7490823659fae6619cc82003ec79c3af406c1f44102795e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: XjshPFghmqkX4tGPrRR0TSIKqr98CmhyScov5CgHzCX5silbYaYdXfRGzeJrU41CyFKsx403XKhuYEugW69mHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 15:44:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=736154100088324&ev=PageView&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&rl=&if=false&ts=1647531839582&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 41ms
10ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F7TTVL&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 06:00:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 34998
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: 0qLc28CvY3EiGBQT8YqFgk_CVF50lZ6pmIg99eCQ5ZKCOu3bitwJzw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-12551341-7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F7TTVL&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3526fa44efe53581f4af0ee0c4e7157cc3f203ab7a2a0de106f39f2439f4822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36788
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H2 200 btp.js Show response
www.rtb123.com/tags/4E98FE08-F988-4E87-A752-749BE3251940/ 3 KB
1 KB 337ms
108ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/4E98FE08-F988-4E87-A752-749BE3251940/btp.js
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 59955dbff32264466c89071184c4388e8a640649369820dd4d4cd362ea04283b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 13:14:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0ea593ea1a8d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1127

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1270128&seg=22299274&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1270128%26seg%3D22299274%26t%3D2

43 B
1 KB

50ms
50ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1270128%26seg%3D22299274%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 15:44:00 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e0115457-b3a7-457e-ad74-7ffc32cc0da3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 15:44:00 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fc5cb394-7d4b-4cb5-bd60-52796b67cf76
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1270128%26seg%3D22299274%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 151ms
65ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12551341-7&cid=511734531.1647531839&jid=677251817&_u=YGBAgUABAAAAAE~&z=2108605188

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 157ms
67ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12551341-7&cid=511734531.1647531839&jid=677251817&_u=YGBAgUABAAAAAE~&z=2108605188

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017985139/ 3 KB
2 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017985139/?random=1647531839626&cv=9&fst=1647531839626&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fef92ab74696bbbdb5256d3988f3871d43f843e0a98476c5a46a4ca235a9905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1188
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 24.d4233f743a6a.24.js Show response
static.fundraiseup.com/ 3 KB
1 KB 21ms
21ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/24.d4233f743a6a.24.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d964ba964b0ac1e67f7db89196617003ce7138dcc294f01429c1a41fe0d0f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 101539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JA040E9EK3NQPP03
x-amz-id-2: NLOckW39oKdbC99N3zmJPIWxBbuHAkEzzt5NPhpPRGgc5b0oy4c7B4yedLHL+AwZ6Cr/T5E01dA=
last-modified: Wed, 16 Mar 2022 11:13:50 GMT
server: cloudflare
etag: W/"209e38959b3c0b69709923eb8700d0da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8f20c7c906d-FRA

GET
H3 200 337.05e12c6d2276.showcaseform.js Show response
static.fundraiseup.com/ 67 KB
18 KB 22ms
22ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/337.05e12c6d2276.showcaseform.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cab93130b0051f9a91596e19fe09258498c8be8365bf104e0a378fef71da1774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 24030
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: R7N2GK1K2GH5PDFR
x-amz-id-2: k7eX7YDI7/3DZkC3/xck6dAn+JbboqlcmpXTpEX8feuVWDebCacWUkHgLO4nAER3QCtjEzw1q1U=
last-modified: Thu, 17 Mar 2022 07:55:07 GMT
server: cloudflare
etag: W/"d7ae24b9e8bb36aed9df71a67f7048f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8f20c83906d-FRA

GET
H3 200 368.ef9e28472362.368.js Show response
static.fundraiseup.com/ 212 KB
95 KB 46ms
46ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/368.ef9e28472362.368.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c019af8452c5d3205e2e81cadd959b3168d77b3bb5d3a587582c30d4c941439

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 101586
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Q7V3F14J1WPEV9E3
x-amz-id-2: fJzFl2x5suIRDemz6pSnsIU7IS5QO5LHtxnkoGDCC78OitRBkCIwCGEVGCwzTYZ3vNbJn6xMHeU=
last-modified: Wed, 16 Mar 2022 11:13:54 GMT
server: cloudflare
etag: W/"70e62cbb52dcd4bd3d07cea8c20bc354"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8f25d03906d-FRA

POST
H3 200 1628261962429989250 Show response
api.fundraiseup.com/paymentSession/ 277 B
590 B 401ms
401ms XHR
application/json 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/1628261962429989250

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce5b9319989a54d99a3c24436f57b79503156ac4880163b8b93462a9db65fb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 71ms
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heart.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self' fundraiseup.com
cf-ray: 6ed6d8f29d6f906d-FRA
expires: 0

GET
H3 200 566975180179047 Show response
connect.facebook.net/signals/config/ 310 KB
89 KB 64ms
63ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/566975180179047?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e833e86e5c9bcfa370349adce9536ac2e6fe1b7a74d7fc7f150f8c00af15aaa6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 2pYOA4w58M52ZysZAAvCqB+BpCv6PJfOKQmfzb7oeOvkxh27h5T+fGu4Q3ya3wFdgUPnS0Lq4gv2j7md37pJDA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 15:44:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1716007538720452&ev=PageView&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531839751&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 61ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-936930558&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12551341-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

296d78381423b44f08f12bee00cb0560b1d6d7965d240a0bd68467657892283e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40308
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
36 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6259436&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12551341-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8f61353dd1566d3884a4341ffd3196531bbaa3537665c2e33e9ae01f4a01c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36560
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
36 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9239798&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12551341-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9200939b181a1d9edd107337ed102b6ea9f9d8bd480b7b7d48afd15377b95058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36596
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1017985139/ 42 B
64 B 104ms
51ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1017985139/?random=1647531839626&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=3185131662&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1017985139/ 42 B
64 B 104ms
52ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1017985139/?random=1647531839626&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=3185131662&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/936930558/ 42 B
64 B 110ms
60ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/936930558/?random=1647531839541&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=3327150728&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/936930558/ 42 B
64 B 104ms
53ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/936930558/?random=1647531839541&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=3327150728&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 0171 289 KB
69 KB 75ms
9ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/3.bd62720df09c.bootvue~checkoutForm~showcaseform~widgetgui.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

afb40334fd3bfc28fa741c0f3cdfb71394fdcc772ece2c43b48518b4a7742d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 3
x-cache: HIT
content-length: 69963
etag: "7bea87cee5df7fa94adf69bc5dec221e"
x-request-id: 06fd5613-7d9e-4ffd-bf00-a449fc337c9a
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:35:50 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:00 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H3 200 359.522d5cc870ae.vendors~telephone-input.js Show response
static.fundraiseup.com/ 248 KB
58 KB 31ms
31ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/359.522d5cc870ae.vendors~telephone-input.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea607011a6e2bef5d49fceab2ab6cb45e8e1fb2367dffe352daaa50742066666

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 24003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZPBVWD157YWMP2RM
x-amz-id-2: 1owXmY957JkN1XZdYNGbO/1kS+V4cHnpJL802sb2Q1cx5CAirShfO4+xqw+vs13KH7rS1CTN/Ok=
last-modified: Thu, 17 Mar 2022 07:55:08 GMT
server: cloudflare
etag: W/"d58d8ce748722b8e79b1cdb015f07e5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8f31e01906d-FRA

GET
H3 200 349.0b18db6a810a.telephone-input.js Show response
static.fundraiseup.com/ 125 KB
78 KB 24ms
24ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/349.0b18db6a810a.telephone-input.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799105d9893ab498a7c201f803a894b6621c98e8fade7bfa2e4fb49700769f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 21148
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DA2Y6TBFEKH9TX8S
x-amz-id-2: wA9krTHsFfKw+PojWV1xMpsf5y+ON6f7kEOT8brlkkHu2fHOP5M1edMfZS/KpybqniyxnXCOgss=
last-modified: Thu, 17 Mar 2022 07:55:07 GMT
server: cloudflare
etag: W/"8f75706f825ae2195a6507d58a73986d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 6ed6d8f31e02906d-FRA

GET
H2 200 /
ucarecdn.com/3c7e64a3-80f4-4e83-860e-51908c0e8e39/-/resize/x50/-/format/auto/ Frame 0171 5 KB
5 KB 8ms
7ms Image
image/webp 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/3c7e64a3-80f4-4e83-860e-51908c0e8e39/-/resize/x50/-/format/auto/
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/60deeceaf2bb.api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60e0a9a69b50284a34bd89b6427f5b75385d64e391ed2a163d6f9a540c83b7ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
x-image-width: 414
server: nginx
content-disposition: inline
etag: "ad9a135e757fadad9138b65767923d7a"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=28704379
x-image-height: 50
content-length: 4942

GET
H2 200 /
ucarecdn.com/c7c29c95-1a3c-419b-9f69-506bd0573ee2/-/resize/470x/-/format/auto/ Frame 0171 20 KB
21 KB 7ms
7ms Image
image/webp 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/c7c29c95-1a3c-419b-9f69-506bd0573ee2/-/resize/470x/-/format/auto/
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b47be035ba2ab26942ad5decf492272affc97feb3d511a8e41a0e9a6ad5bf6b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
x-image-width: 470
server: nginx
content-disposition: inline
etag: "44dc163b47c195118cf22914acf7aaa6"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=30079580
x-image-height: 264
content-length: 20836

GET
H3 200 sprite.c769c70cfdfd.png
static.fundraiseup.com/images/widget-v2/ Frame 0171 173 KB
173 KB 32ms
32ms Image
image/webp 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.fundraiseup.com/images/widget-v2/sprite.c769c70cfdfd.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64b6e1efed753ce70b1285cd262962e2aaa816283f0f2beaa7b45b2f3e9d0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
vary: Accept
cf-cache-status: HIT
age: 2099403
cf-polished: origFmt=png, origSize=259686
cf-ray: 6ed6d8f3af06906d-FRA
content-disposition: inline; filename="sprite.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 177040
x-amz-id-2: 8I2/O60tWRd910Hj/6Nsfl9BgK5Hp3Zi0ja0hQiFnfR3Pv56dJJVOn181graKvVCCZbE0I8gzLk=
last-modified: Mon, 21 Feb 2022 07:36:27 GMT
server: cloudflare
etag: "c769c70cfdfdb46ad0df9769aebd62a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZJC4VJY95ZZ1M46A
cache-control: max-age=2678400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:100,h2pri

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 0171 56 KB
56 KB 90ms
73ms Font
application/octet-stream 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Origin: https://www.heart.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1755355
cf-ray: 6ed6d8f3cc0e9b5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: 1yppUObTzo/K5gOBPsRTRfbPcdYVt3IsIQeo3taYAmlZcwPNy1PflcY2MWoNIHGkcD3XqyfTtnU=
last-modified: Tue, 25 Jan 2022 07:27:41 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
x-amz-request-id: X70D3KW911X9JJJQ
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
content-type: application/octet-stream

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 0171 52 KB
52 KB 38ms
21ms Font
application/octet-stream 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Origin: https://www.heart.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1755355
cf-ray: 6ed6d8f3cc0a9b5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53064
x-amz-id-2: hez8O7rS/5FWxJ64H4DRDgRHqg1LE0GMsloNi04qiXhzDqCP8LNf9mlAKaz8gSgi0khjlEBtBow=
last-modified: Tue, 25 Jan 2022 07:27:41 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
x-amz-request-id: X70A8MSJSQYZB8WC
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
content-type: application/octet-stream

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.cc65a7d46bec.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 0171 55 KB
56 KB 56ms
40ms Font
application/octet-stream 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.cc65a7d46bec.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Origin: https://www.heart.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 132630
cf-ray: 6ed6d8f3cc0c9b5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56460
x-amz-id-2: 5buRT3WW1KV/3nWVW0uAziO7ma56g103y/YaWID2yz268qWCZVTXbJZeHYrCzn/z5ZSGCo/f0rc=
last-modified: Tue, 15 Mar 2022 13:45:49 GMT
server: cloudflare
etag: "cc65a7d46bec1bcadfd3a27d571765f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
x-amz-request-id: X40A07PCJ6G84ZW8
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
content-type: application/octet-stream

GET
H3 200 btn-paypal.ebe594990703.svg
static.fundraiseup.com/images/widget-v2/ Frame 0171 3 KB
2 KB 34ms
33ms Image
image/svg+xml 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.fundraiseup.com/images/widget-v2/btn-paypal.ebe594990703.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9589e659d61c849965bde86987d78f79eefcbe6577c4a113d559116a5d4cafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2099410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2YM16K1X8RQZRKE6
x-amz-id-2: L6yMPth8jxfCjfLNsrh8hKZqOeba8N8UCuUJgJujXU+26wdKSZYwpK0mb/NlcjHHD/Nb8hhiIGw=
last-modified: Mon, 21 Feb 2022 07:36:27 GMT
server: cloudflare
etag: W/"ebe5949907038bc3be1931f1a8634d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6ed6d8f3df7d906d-FRA

GET
H3 200 btn-venmo.0cc3f7667536.svg
static.fundraiseup.com/images/widget-v2/ Frame 0171 2 KB
1 KB 35ms
34ms Image
image/svg+xml 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.fundraiseup.com/images/widget-v2/btn-venmo.0cc3f7667536.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eca9aacc8c93e129336f815ae601e17121cc6c4e4906e3d5aab286249e6aebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2099410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2YM8WFFFYYH7A42J
x-amz-id-2: iguC/9Vhz8EsGrR1ufrZJdphVgJbHKXM8JlKockO+rgzrUA+KfJaAApIZHwJxkXddyhQrKx1fVo=
last-modified: Mon, 21 Feb 2022 07:36:27 GMT
server: cloudflare
etag: W/"0cc3f76675365fa1d3371668f0bce1d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6ed6d8f3df7f906d-FRA

GET
H2 200 cybba_latest_mini_v1.5.js Show response
d2rp1k1dldbai6.cloudfront.net/js-minified/ 75 KB
20 KB 71ms
7ms Script
application/javascript 2600:9000:2156:ca00:d:87ae:bb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rp1k1dldbai6.cloudfront.net/js-minified/cybba_latest_mini_v1.5.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/4E98FE08-F988-4E87-A752-749BE3251940/btp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ca00:d:87ae:bb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0faa231d2e1618d382b7e2eeed4244ebad6f9c78df86e153b90e6e20d218bfce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vRh3I.ilvmSwCmxugPAt_fcfa5tul__W
content-encoding: gzip
etag: W/"9e33abcb83f5793fa610130e97588252"
last-modified: Tue, 21 Sep 2021 13:53:06 GMT
server: AmazonS3
age: 21448
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
date: Thu, 17 Mar 2022 09:48:37 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KXZnQlrFDWPIBwMkFO-g-NDRrYTjz8N13FjNMsbM-0bdsXR_icdkCw==

GET
H2 200 loader.min.js Show response
files1.cybba.solutions/heart.org/ 88 KB
27 KB 105ms
17ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://files1.cybba.solutions/heart.org/loader.min.js?v=36068
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/4E98FE08-F988-4E87-A752-749BE3251940/btp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: d400fe41c54895c8fdfc9ad4b08fc45b96a200962f09b1ec8a5a13e622bd5469

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-cachedat: 03/10/2022 13:35:13
cdn-pullzone: 116099
cdn-requestpullsuccess: True
server: BunnyCDN-AMS1-879
last-modified: Mon, 13 Sep 2021 13:15:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"613f4ef5-16028"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: a080e070-2552-4896-b206-e42f1464eeab
cache-control: public, max-age=1800
cdn-requestid: 23122e21227e71843a69105fa3304758
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 10 Mar 2022 14:05:13 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 49ms
48ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1607492480&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&dp=%2Fen%2Fget-involved%2Fways-to-give%2F%23FUNFQSZWRFW%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAUABAAAAAG~&jid=381761078&gjid=944234844&cid=511734531.1647531839&tid=UA-12551341-7&_gid=18302485.1647531839&_r=1&gtm=2ou3e0&z=1663343246

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heart.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1607492480&t=event&_s=2&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&dp=%2Fen%2Fget-involved%2Fways-to-give%2F%23FUNFQSZWRFW%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Fundraise%20Up%20Checkout%20Events&ea=Fundraise%20Up%20Checkout%20Open&el=FY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue%20(FUNFQSZWRFW)&_u=aHDAAUABAAAAAG~&jid=&gjid=&cid=511734531.1647531839&tid=UA-12551341-7&_gid=18302485.1647531839&gtm=2ou3e0&z=1799770097

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 11:30:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15233
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-9fe86c29346daf61dc2cc0586b4fad18.html Show response
js.stripe.com/v3/ Frame C60A 240 B
548 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Fri, 11 Mar 2022 19:55:40 GMT
etag: "9fe86c29346daf61dc2cc0586b4fad18"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:00 GMT
via: 1.1 varnish
age: 57821
x-request-id: 024c0e2d-8b21-4516-8feb-5c8033904efb
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 27982
vary: Accept-Encoding
timing-allow-origin: *
content-length: 140

GET
H2 200 controller-0986c1cf91e9f902d106d8d5f962ee5a.html Show response
js.stripe.com/v3/ Frame FDFE 349 B
566 B 7ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

438ee7c09860040874be1e41d177b2e1d130020724a0e2da4a95142e4c99f06f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:11:22 GMT
etag: "0986c1cf91e9f902d106d8d5f962ee5a"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:00 GMT
via: 1.1 varnish
age: 33
x-request-id: 317b8c37-6f7b-4137-ba04-8ce25ec7dc64
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 43
vary: Accept-Encoding
timing-allow-origin: *
content-length: 166

GET
H2 200 controller-0986c1cf91e9f902d106d8d5f962ee5a.html Show response
js.stripe.com/v3/ Frame 2166 349 B
243 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

438ee7c09860040874be1e41d177b2e1d130020724a0e2da4a95142e4c99f06f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:11:22 GMT
etag: "0986c1cf91e9f902d106d8d5f962ee5a"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:00 GMT
via: 1.1 varnish
age: 33
x-request-id: 75033c04-d6eb-4850-8ae4-95e62548bd92
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 44
vary: Accept-Encoding
timing-allow-origin: *
content-length: 166

GET
H2 200 elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html Show response
js.stripe.com/v3/ Frame 0FD5 807 B
874 B 8ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

221f757bf12cbfef535da24b4025706b0339d5693a6e76eff6ae6a43bc542487

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:11:22 GMT
etag: "85bb96422fd364e89adf0d9621f3b89e"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:00 GMT
via: 1.1 varnish
age: 54312
x-request-id: 9aceec54-98c2-4b45-aa38-f3eca435c918
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 3213
vary: Accept-Encoding
timing-allow-origin: *
content-length: 309

GET
H2 200 elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html Show response
js.stripe.com/v3/ Frame EE2B 807 B
387 B 7ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

221f757bf12cbfef535da24b4025706b0339d5693a6e76eff6ae6a43bc542487

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:11:22 GMT
etag: "85bb96422fd364e89adf0d9621f3b89e"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:00 GMT
via: 1.1 varnish
age: 54312
x-request-id: 07e516fb-d616-4600-ae20-e3095ad4e4b6
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 3214
vary: Accept-Encoding
timing-allow-origin: *
content-length: 309

GET
H2 200 elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html Show response
js.stripe.com/v3/ Frame C93F 807 B
419 B 8ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

221f757bf12cbfef535da24b4025706b0339d5693a6e76eff6ae6a43bc542487

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:11:22 GMT
etag: "85bb96422fd364e89adf0d9621f3b89e"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:00 GMT
via: 1.1 varnish
age: 54312
x-request-id: a53d895e-8a4c-49ea-be12-b2acf988bc4a
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 3215
vary: Accept-Encoding
timing-allow-origin: *
content-length: 309

GET
H2 200 elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html Show response
js.stripe.com/v3/ Frame 3123 829 B
443 B 8ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

997324b19cae6cb030ce204ac1a81cc93c762f8ed579aad429853c8c5889f410

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:12:15 GMT
etag: "b853e654c4ce0dc06b761c4998826359"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:00 GMT
via: 1.1 varnish
age: 69318
x-request-id: 9d1c6e91-9eff-4822-90bc-81cd3729f4cd
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
timing-allow-origin: *
content-length: 312

GET
H2 200 elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html Show response
js.stripe.com/v3/ Frame D620 807 B
420 B 6ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

05d2910942620cbc1eb26cdf166c768dec2c95755a8379742ee34386d07084c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:12:15 GMT
etag: "157c29f58b70ac8655bbcfd76ed71cd2"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:00 GMT
via: 1.1 varnish
age: 52356
x-request-id: e0eba2db-a672-4d83-a38f-a6249004216f
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 40
vary: Accept-Encoding
timing-allow-origin: *
content-length: 311

GET
H3 200 454054155084786 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/454054155084786?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52a2b37a482791c5f79596a1b341323309287f13b69ba90779264b7dae9034f5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: T8Tugo1K3RLpnt3q1cn9de3OH4CMEO9DVXh0RowstgDmYHdxaCPP2r1GMU80jfuMXJ4Qm57HL/5YvLVYWi90uA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 15:44:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=566975180179047&ev=PageView&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840173&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/ 3 KB
1 KB 105ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/?random=1647531840211&cv=9&fst=1647531840211&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c1a3e9987ab5fe14bb64134e50a6bc9df11d415b500fa0ac8ad9e7e0b35b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1191
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/ 3 KB
1 KB 105ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/?random=1647531840213&cv=9&fst=1647531840213&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3DFundraise%20Up%20Checkout%20Open%3Bevent_category%3DFundraise%20Up%20Checkout%20Events%3Bevent_label%3DFY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue%20(FUNFQSZWRFW)&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd47a41aea79cd38b270b3b53ff3fc260b2b31c3fc852022db5abb1dfb148a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tb
fndrsp.net/ 2 B
574 B 177ms
134ms Ping
text/plain 104.26.8.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ARMPCVPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.8.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtN1tIkrsWENh3fj1rU3bYqoYPBjK6Knm5gS8iFb0LYHfd81lg4vNiKCOzMKE8ipzLMh9MFz1y9QChMiA%2FF2grt16hJ04MNUP27kSt1C9sAnDtaZSeXYXUYgPsc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.heart.org
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d8f5e8a99be8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 tb
fndrsp-checkout.net/ 2 B
591 B 390ms
341ms Ping
text/plain 172.67.74.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp-checkout.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ARMPCVPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWkL6bexSz%2Fb3W2ufRM2Qa%2Bm0u58W28GubSkXeAFgk5JARJZRArikjRO6XjsDpo66HhP6dFLmRGjmzjVVNsaybLmNZwyThc5qR8ILYP5cQCgYoapUgFv7bi8%2FY%2Fl%2BQGoKvuW2dM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.heart.org
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d8f5ebd85b4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 token Show response
api.fundraiseup.com/paymentSession/1628261962429989250/googlePay/ 235 B
591 B 160ms
160ms XHR
text/plain 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/1628261962429989250/googlePay/token?merchantOrigin=www.heart.org

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63741ea2e6611237abd07674e1d1def44ad810eb9db801cb764165f8f3e24b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 27ms
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.heart.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self' fundraiseup.com
cf-ray: 6ed6d8f5ba50906d-FRA
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C60A 0
356 B 697ms
357ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 8
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FDFE 0
356 B 691ms
354ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 3
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2166 0
356 B 675ms
342ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0FD5 0
356 B 678ms
350ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EE2B 0
357 B 686ms
361ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 13
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C93F 0
356 B 675ms
355ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 3
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3123 0
356 B 676ms
359ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 9
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D620 0
356 B 663ms
349ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/ 3 KB
1 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/?random=1647531840295&cv=9&fst=1647531840295&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dbegin_checkout%3Ballow_custom_scripts%3Dtrue%3Bcontent_type%3Dproduct%3Baffiliation%3DFundraise%20Up%3Bid%3DFUNFQSZWRFW&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c754a5037b79dac49c97661fcf87b2c1813ec5d406de92e48ee9785755377a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:09:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Mar 2022 16:09:25 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/936930558/ 2 KB
1 KB 105ms
55ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/936930558/?random=1647531840304&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c07865f147e10fd3daccab6fc7354194a020f323d676be3b9763e63c74ffd2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1331
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2... Show response
9239798.fls.doubleclick.net/ Frame 841B
Redirect Chain

https://9239798.fls.doubleclick.net/activityi;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F...
https://9239798.fls.doubleclick.net/activityi;dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E0...

607 B
489 B

103ms
56ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9239798.fls.doubleclick.net/activityi;dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9239798&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

371fc137c5bc48afcbff6db48fa78b1af332031409d65f5fc3b22914539b0376

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Mar 2022 15:44:01 GMT
expires: Thu, 17 Mar 2022 15:44:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Mar 2022 15:44:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9239798.fls.doubleclick.net/activityi;dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2... Show response
6259436.fls.doubleclick.net/ Frame F130
Redirect Chain

https://6259436.fls.doubleclick.net/activityi;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F...
https://6259436.fls.doubleclick.net/activityi;dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E0...

607 B
487 B

105ms
58ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6259436.fls.doubleclick.net/activityi;dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6259436&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

1aa36cfff1410ce902a10a8c6ed2b50b4126f4f7d0432e6d8a66756365cba8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Mar 2022 15:44:01 GMT
expires: Thu, 17 Mar 2022 15:44:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 464
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Mar 2022 15:44:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6259436.fls.doubleclick.net/activityi;dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m-outer-7345858512d328389831b5c353d30a99.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C60A 1 KB
976 B 14ms
13ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 37
x-cache: HIT
content-length: 645
etag: "d0c7e21ec457b6a134a496f107c3ca93"
x-request-id: 6ff3a98e-0f22-4f1d-9d50-9783517a5fea
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Mon, 07 Mar 2022 20:10:26 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 87

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FDFE 207 KB
51 KB 14ms
13ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: d3220a28-3e1f-42ee-9331-0ce776c3d6d2
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 90

GET
H2 200 controller-eb746c1c52b0aab10eb97d7c95730167.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FDFE 377 KB
93 KB 13ms
13ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-eb746c1c52b0aab10eb97d7c95730167.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bbbdfb617f128b6224eb8f90c9aae62eb5c30b0711d440fb4ccab964cdc2d801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 21
x-cache: HIT
content-length: 94649
etag: "91f6f563998d2fdcd2bb4ca2ed7e5e91"
x-request-id: 94c51dfd-67c6-4ca5-a2bf-6c8414cb676e
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 20:22:27 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2166 207 KB
51 KB 13ms
12ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: 2f94f113-a282-43db-84dc-c98911753aea
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 91

GET
H2 200 controller-eb746c1c52b0aab10eb97d7c95730167.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2166 377 KB
93 KB 12ms
12ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-eb746c1c52b0aab10eb97d7c95730167.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bbbdfb617f128b6224eb8f90c9aae62eb5c30b0711d440fb4ccab964cdc2d801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 21
x-cache: HIT
content-length: 94649
etag: "91f6f563998d2fdcd2bb4ca2ed7e5e91"
x-request-id: e5edc5d8-7959-4469-b7eb-269e93549cdf
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 20:22:27 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame 0FD5 15 KB
3 KB 11ms
11ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 91
x-cache: HIT
content-length: 2474
etag: "7c0a4ba6a732ed01cc27774f97bbe8bd"
x-request-id: f45f554c-fedb-4047-bfdf-ba22e4ded328
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 0FD5 5 KB
1 KB 11ms
10ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 893
etag: "0de3030d19b9e3517790795cb6ccc87d"
x-request-id: b96cbf1a-890f-4630-ba5e-63f0f0ea0fd1
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0FD5 207 KB
51 KB 10ms
9ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: 91b6ffec-28d6-437e-b2b5-5cbc11450f29
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 92

GET
H2 200 ui-shared-614fa118a57f007d6527c9446da0a1a1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0FD5 216 KB
62 KB 23ms
22ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-614fa118a57f007d6527c9446da0a1a1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b712a90178343baeced58d55071a57044fd9b3617d92f3a5ae66d4fb32968e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 62890
etag: "beaaaf4b5d63d7bfce0233fb82465c27"
x-request-id: a0f7ce53-daba-432f-9260-cd637923cb80
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:56 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 elements-inner-card-dda4d45c418b50bc8b18e1f90d2dc9ae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0FD5 46 KB
11 KB 15ms
14ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-dda4d45c418b50bc8b18e1f90d2dc9ae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8131ceededcb0e2b057aa5b22a6677b2790ab6f65e5e651faccf38dc603443c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 17
x-cache: HIT
content-length: 11630
etag: "e0ac6bc4056e2a9b009c54c143aa060e"
x-request-id: b4f20d6e-9ba9-43ad-b11e-3e10769b19b8
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:54 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame EE2B 15 KB
3 KB 18ms
17ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 91
x-cache: HIT
content-length: 2474
etag: "7c0a4ba6a732ed01cc27774f97bbe8bd"
x-request-id: 6553c65b-a481-4189-bca3-791063e53c4b
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame EE2B 5 KB
1019 B 21ms
20ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 893
etag: "0de3030d19b9e3517790795cb6ccc87d"
x-request-id: 1e539cb7-c21c-4e3e-aa0d-ce1362ba13f0
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EE2B 207 KB
51 KB 21ms
21ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: 94149b16-d861-4906-9443-85fda80a583f
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 93

GET
H2 200 ui-shared-614fa118a57f007d6527c9446da0a1a1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EE2B 216 KB
62 KB 21ms
20ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-614fa118a57f007d6527c9446da0a1a1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b712a90178343baeced58d55071a57044fd9b3617d92f3a5ae66d4fb32968e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 62890
etag: "beaaaf4b5d63d7bfce0233fb82465c27"
x-request-id: c23b31c5-772a-46f5-bb28-7b591abdcc44
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:56 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 elements-inner-card-dda4d45c418b50bc8b18e1f90d2dc9ae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EE2B 46 KB
12 KB 21ms
19ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-dda4d45c418b50bc8b18e1f90d2dc9ae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8131ceededcb0e2b057aa5b22a6677b2790ab6f65e5e651faccf38dc603443c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 17
x-cache: HIT
content-length: 11630
etag: "e0ac6bc4056e2a9b009c54c143aa060e"
x-request-id: 89a9f711-55f8-4a59-9131-1b4f2b72589f
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:54 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame C93F 15 KB
3 KB 21ms
17ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 91
x-cache: HIT
content-length: 2474
etag: "7c0a4ba6a732ed01cc27774f97bbe8bd"
x-request-id: 42da9a7a-ea9d-454b-90bb-a260a664da36
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame C93F 5 KB
1020 B 21ms
17ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 893
etag: "0de3030d19b9e3517790795cb6ccc87d"
x-request-id: d26c1330-35e7-4d7c-89c1-75c082f662f9
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C93F 207 KB
51 KB 21ms
16ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: adbbec90-fb91-4b6c-8b62-fdf873e6ce4a
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 94

GET
H2 200 ui-shared-614fa118a57f007d6527c9446da0a1a1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C93F 216 KB
62 KB 21ms
16ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-614fa118a57f007d6527c9446da0a1a1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b712a90178343baeced58d55071a57044fd9b3617d92f3a5ae66d4fb32968e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 62890
etag: "beaaaf4b5d63d7bfce0233fb82465c27"
x-request-id: 7d3e6aee-7230-4ddf-8136-acac56a5d515
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:56 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 elements-inner-card-dda4d45c418b50bc8b18e1f90d2dc9ae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C93F 46 KB
11 KB 34ms
26ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-dda4d45c418b50bc8b18e1f90d2dc9ae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8131ceededcb0e2b057aa5b22a6677b2790ab6f65e5e651faccf38dc603443c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-85bb96422fd364e89adf0d9621f3b89e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: HIT
content-length: 11630
etag: "e0ac6bc4056e2a9b009c54c143aa060e"
x-request-id: 295a952e-1b49-43db-ab62-b209d7e01b37
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:54 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame 3123 15 KB
2 KB 20ms
16ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 91
x-cache: HIT
content-length: 2474
etag: "7c0a4ba6a732ed01cc27774f97bbe8bd"
x-request-id: ab1ebc27-e5cc-4424-b523-a751bb05cf61
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H2 200 elements-inner-au-bank-account-32eb4faaabd94307f2d6c32d3a81dbf0.css
js.stripe.com/v3/fingerprinted/css/ Frame 3123 803 B
558 B 695ms
688ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-32eb4faaabd94307f2d6c32d3a81dbf0.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

eda33f069061351b00919c8bce750f2fcdbd7b5b2f01e8109b253abff2a54131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 0
x-cache: HIT
content-length: 254
etag: "0f248f44eb7667505b549ccdeb39ad97"
x-request-id: 2723ced2-e4a1-46e7-b261-60a964cf8900
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:41 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3123 207 KB
51 KB 33ms
26ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: cea4e436-2eeb-4b0c-bc93-9500665788e3
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 95

GET
H2 200 ui-shared-614fa118a57f007d6527c9446da0a1a1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3123 216 KB
62 KB 32ms
25ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-614fa118a57f007d6527c9446da0a1a1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b712a90178343baeced58d55071a57044fd9b3617d92f3a5ae66d4fb32968e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 62890
etag: "beaaaf4b5d63d7bfce0233fb82465c27"
x-request-id: adf4bd99-1796-4872-9c0d-c4ffb15c0610
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:56 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 elements-inner-au-bank-account-fe259b0ee1cbcba283e22b9cbe08ae4b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3123 18 KB
5 KB 685ms
678ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-fe259b0ee1cbcba283e22b9cbe08ae4b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e12dd298874b1dd4f8c700c424fb25361e055640d79ede83f28525215935f715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 0
x-cache: HIT
content-length: 5472
etag: "ec13b756e95408a079ee97cdb0a611d1"
x-request-id: c156a7ef-d0e3-4a76-8b0b-3a771599f048
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:58 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame D620 15 KB
3 KB 33ms
26ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 91
x-cache: HIT
content-length: 2474
etag: "7c0a4ba6a732ed01cc27774f97bbe8bd"
x-request-id: 5e02b0d1-477e-43fd-b147-c9802bf82c48
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 elements-inner-iban-1e23752f7e24669cbb9246ff078d1ca3.css
js.stripe.com/v3/fingerprinted/css/ Frame D620 485 B
307 B 38ms
30ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-1e23752f7e24669cbb9246ff078d1ca3.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4df9f1297805e967d119396d82dc2cd9ae754911f614ffaf8ef17f6d1fc23cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 28
x-cache: HIT
content-length: 186
etag: "1f5aabb7e892d22d636a5645d5c3e225"
x-request-id: 1d7efb44-59da-4f0f-8cdd-15c2069c6cc0
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D620 207 KB
51 KB 38ms
30ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: ce107b87-b1ff-4b04-b06b-2990b7853a37
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 96

GET
H2 200 ui-shared-614fa118a57f007d6527c9446da0a1a1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D620 216 KB
62 KB 38ms
30ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-614fa118a57f007d6527c9446da0a1a1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b712a90178343baeced58d55071a57044fd9b3617d92f3a5ae66d4fb32968e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 62890
etag: "beaaaf4b5d63d7bfce0233fb82465c27"
x-request-id: 299186c7-99ef-418f-bca1-bbcdea4a9f5b
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:56 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 elements-inner-iban-620d41dcc71bdb3b286b14b164afc5e5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D620 19 KB
7 KB 37ms
29ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-620d41dcc71bdb3b286b14b164afc5e5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

377fd3f9bf4c9fc74fa016e7c100607751e2825da603e7dee441cc39b010e8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-157c29f58b70ac8655bbcfd76ed71cd2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 28
x-cache: HIT
content-length: 6733
etag: "cf9bcfb11a9f89d4b4d7b5af3c4a67a6"
x-request-id: 6b46747c-e2b0-464d-afb8-97ebcd729306
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:50 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 45ms
21ms XHR
text/plain 2a00:1450:400c:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12551341-7&cid=511734531.1647531839&jid=381761078&gjid=944234844&_gid=18302485.1647531839&_u=aHDAAUABAAAAAG~&z=122277460

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 15:44:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.heart.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 1628261962429989250 Show response
api.fundraiseup.com/paymentSession/ 277 B
590 B 208ms
208ms XHR
application/json 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/1628261962429989250

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce5b9319989a54d99a3c24436f57b79503156ac4880163b8b93462a9db65fb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 68ms
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heart.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self' fundraiseup.com
cf-ray: 6ed6d8f6ec85906d-FRA
expires: 0

GET
H3 200 640841653478511 Show response
connect.facebook.net/signals/config/ 311 KB
89 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/640841653478511?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a1871c5179f56238867da899625a5cf379c3ebb78e591e3c0091bb43c832adc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 90861
x-xss-protection: 0
pragma: public
x-fb-debug: 6kFn+bdw6hGN0hjx2RjxN2WunG39XeHenJh4J92fbhBoPFdq5vfYUmhTzOhZv8LQNR+c+VYckEAJnR347EDHyA==
x-frame-options: DENY
date: Thu, 17 Mar 2022 15:44:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=454054155084786&ev=PageView&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840420&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 289 KB
68 KB 10ms
9ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/3.bd62720df09c.bootvue~checkoutForm~showcaseform~widgetgui.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

afb40334fd3bfc28fa741c0f3cdfb71394fdcc772ece2c43b48518b4a7742d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 3
x-cache: HIT
content-length: 69963
etag: "7bea87cee5df7fa94adf69bc5dec221e"
x-request-id: 5007ef2c-1852-40f4-bfdd-c241ddf8260b
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:35:50 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 0171 319 KB
98 KB 31ms
9ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=42W2XRGE3QESU&currency=EUR&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/3.bd62720df09c.bootvue~checkoutForm~showcaseform~widgetgui.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcdcfac9afdd5966491176a0460eb8a9c4a9e315c2ee577faa43cca1e8ba6d1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-oVA4lnJ6HpHGn4KLCBkKzxn2CmR5uqWAN5KWwHUxZc59UVpO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-oVA4lnJ6HpHGn4KLCBkKzxn2CmR5uqWAN5KWwHUxZc59UVpO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-oVA4lnJ6HpHGn4KLCBkKzxn2CmR5uqWAN5KWwHUxZc59UVpO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-oVA4lnJ6HpHGn4KLCBkKzxn2CmR5uqWAN5KWwHUxZc59UVpO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 3431
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f538625a1c1dd
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 99092
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4051-HHN
x-timer: S1647531841.127105,VS0,VE2
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 15:44:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"18314-OTNvn051PpQShOcconvyQhlDswQ"
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK user Show response
app.cybba.solutions/ 143 B
453 B 327ms
114ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/user?callback=_vtsdk.User.callbackUser&shopId=852&email=null&_ts=83221884

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/heart.org/loader.min.js?v=36068

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

2c7e31ab62e6371cd347d9cd75a72263c25ba7846c5038a0fd57d49e1df665fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:44:01 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 143
Expires: Thu, 17 Mar 2022 15:44:00 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 305 B
461 B 35ms
8ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=X8nNh9l0HcVYntp
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 282df3d7845ef5cc7a6fad733f6d2b2e25668bc901c319e1e6788e0337b5f105

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 17 Mar 2022 15:44:01 GMT
Content-Length: 305
Content-Type: application/json; charset=utf-8

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D648 932 B
2 KB 29ms
9ms Document
text/html 2600:9000:2156:a600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Mon, 07 Mar 2022 19:04:54 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Thu, 17 Mar 2022 15:42:47 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: AHoGKOH3OZWZYJP-Rx7lKYA4QTaQC3Whx9PRL1OJH5CfhP7KuGp29A==
age: 75

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 67ms
66ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12551341-7&cid=511734531.1647531839&jid=381761078&_u=aHDAAUABAAAAAG~&z=656760112

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12551341-7&cid=511734531.1647531839&jid=381761078&_u=aHDAAUABAAAAAG~&z=656760112

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/936930558/ 42 B
64 B 65ms
64ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/936930558/?random=1647531840211&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=2757052489&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/936930558/ 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/936930558/?random=1647531840211&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=2757052489&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/936930558/ 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/936930558/?random=1647531840213&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3DFundraise%20Up%20Checkout%20Open%3Bevent_category%3DFundraise%20Up%20Checkout%20Events%3Bevent_label%3DFY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue%20(FUNFQSZWRFW)&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=4018278564&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/936930558/ 42 B
64 B 299ms
299ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/936930558/?random=1647531840213&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3DFundraise%20Up%20Checkout%20Open%3Bevent_category%3DFundraise%20Up%20Checkout%20Events%3Bevent_label%3DFY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue%20(FUNFQSZWRFW)&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=4018278564&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 536ms
264ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 521ms
263ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 95 KB
31 KB 132ms
66ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/3.bd62720df09c.bootvue~checkoutForm~showcaseform~widgetgui.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-japWWkoGQqrfJXAx/H3Q0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-japWWkoGQqrfJXAx/H3Q0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-japWWkoGQqrfJXAx/H3Q0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-japWWkoGQqrfJXAx/H3Q0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:01 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame D648 0
131 B 344ms
342ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H3 200 /
www.google.com/pagead/1p-user-list/936930558/ 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/936930558/?random=1647531840295&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dbegin_checkout%3Ballow_custom_scripts%3Dtrue%3Bcontent_type%3Dproduct%3Baffiliation%3DFundraise%20Up%3Bid%3DFUNFQSZWRFW&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=3524923321&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/936930558/ 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/936930558/?random=1647531840295&cv=9&fst=1647529200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dbegin_checkout%3Ballow_custom_scripts%3Dtrue%3Bcontent_type%3Dproduct%3Baffiliation%3DFundraise%20Up%3Bid%3DFUNFQSZWRFW&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&async=1&fmt=3&is_vtc=1&random=3524923321&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1607492480&t=event&_s=3&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&dp=%2Fen%2Fget-involved%2Fways-to-give%2F%23FUNFQSZWRFW%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ecommerce&ea=begin_checkout&_u=aHDAAUALAAAAAG~&jid=&gjid=&cid=511734531.1647531839&tid=UA-12551341-7&_gid=18302485.1647531839&gtm=2ou3e0&cos=1&pa=checkout&pr1id=FUNFQSZWRFW&pr1nm=FY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue&pr1br=Fundraise%20Up&pr1qt=1&z=821442859

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 11:30:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15234
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/936930558/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/?random=1912097253&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/936930558/?random=1912097253&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/936930558/?random=1912097253&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

61ms
60ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/936930558/?random=1912097253&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNCksQI&is_vtc=1&ocp_id=QVczYpiaA92xx_AP0uaE-Ao&cid=CAQSKQCNIrLMHX6r8e17BdvJpzeg-StgYMaCgBDjNhhzIH2YAmOHNydx0wFh&random=2784755720&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDx14xhWaIv1_KMYPbnq9GRtwgVkH_hMK4ow6w90SlW9N7KZtRCI7saOMkXTx14t0sYQwHmbn6vh06WkV_2pE8B

Requested by

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/936930558/?random=1912097253&cv=9&fst=1647531840304&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNCksQI&is_vtc=1&ocp_id=QVczYpiaA92xx_AP0uaE-Ao&cid=CAQSKQCNIrLMHX6r8e17BdvJpzeg-StgYMaCgBDjNhhzIH2YAmOHNydx0wFh&random=2784755720&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDx14xhWaIv1_KMYPbnq9GRtwgVkH_hMK4ow6w90SlW9N7KZtRCI7saOMkXTx14t0sYQwHmbn6vh06WkV_2pE8B
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-0986c1cf91e9f902d106d8d5f962ee5a.html Show response
js.stripe.com/v3/ Frame 4627 349 B
761 B 7ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

438ee7c09860040874be1e41d177b2e1d130020724a0e2da4a95142e4c99f06f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:11:22 GMT
etag: "0986c1cf91e9f902d106d8d5f962ee5a"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:01 GMT
via: 1.1 varnish
age: 33
x-request-id: cd077b7e-5d30-4bb2-b319-629cc135be8c
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 45
vary: Accept-Encoding
timing-allow-origin: *
content-length: 166

GET
H2 200 payment-request-inner-google-pay-9b8ee344d0b51ced5a0634f4a7bed795.html Show response
js.stripe.com/v3/ Frame DDCD 434 B
569 B 7ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-9b8ee344d0b51ced5a0634f4a7bed795.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

78df6aa1cbdc98e49fadf910b0b051c2ac5b22a002b9c4c0b7cf5b4403e9ac7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:11:22 GMT
etag: "9b8ee344d0b51ced5a0634f4a7bed795"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:01 GMT
via: 1.1 varnish
age: 22
x-request-id: 5ae473a6-e12a-43d7-bb1c-fb13d35cb57a
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 11
vary: Accept-Encoding
timing-allow-origin: *
content-length: 197

GET
H2 200 payment-request-inner-browser-59711d7b62bbd49d98d5a40431a1bff5.html Show response
js.stripe.com/v3/ Frame 7CAC 370 B
628 B 7ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-59711d7b62bbd49d98d5a40431a1bff5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

540233274b028e9f038e4fa8ef17e878cd4e60be17f8c1200d4a82582c3bba36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Wed, 16 Mar 2022 20:12:15 GMT
etag: "59711d7b62bbd49d98d5a40431a1bff5"
cache-control: max-age=60
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:01 GMT
via: 1.1 varnish
age: 56
x-request-id: c7ded284-cd7e-489e-9d6f-0719e0f92ed6
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 28
vary: Accept-Encoding
timing-allow-origin: *
content-length: 176

GET
H3 200 1679298562291128 Show response
connect.facebook.net/signals/config/ 43 KB
12 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1679298562291128?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

998202f8b91e3d739b0eb8eef0083ccd8fc2de9eef1c24bd02fad37c50f9c07b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: gy4y6oena3mqdG4BfeIjHG30T1BShBDkvhS/bOf3uSp/T1eZScXBnFsDTUJQP0vkSPo4hcfByUqNmiZA89VMwg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 15:44:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=640841653478511&ev=PageView&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840735&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame 0171 13 KB
5 KB 9ms
9ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.heart.org&t=xo&v=5.0.288&source=payments_sdk&mrid=42W2XRGE3QESU&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=42W2XRGE3QESU&currency=EUR&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

72455c531aaa7e1fceaaa3d445ce063c57f6e2e343d51060127baece6c051368

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-8lFMP1eldYruFtlSTzDUA6BONMF4lNErM77iFYEjbh8yfNMO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-8lFMP1eldYruFtlSTzDUA6BONMF4lNErM77iFYEjbh8yfNMO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 44525
x-cache: HIT
paypal-debug-id: f124611937371
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4747
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4051-HHN
x-timer: S1647531841.439659,VS0,VE2
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 15:44:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"353a-oM+V1TgzK/HqaTLlvbuYpFaWupo"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame D809 352 KB
144 KB 271ms
271ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=silver&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZibTY5aWc4bk1STG1aS1MtUW9PTnE3cUlIUHFscFlKMWwzdnl4RV9sYS1VWlBVX2VFa0tIMkhScEhGa2w3U05KOGFfZUt2RGtjVDktTXkmbWVyY2hhbnQtaWQ9NDJXMlhSR0UzUUVTVSZjdXJyZW5jeT1FVVImZGlzYWJsZS1mdW5kaW5nPXZlbm1vJmxvY2FsZT1lbl9VUyZpbnRlbnQ9dG9rZW5pemUmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3BsdHJtZ2hqZXVtYWxsb2lzc2RqaHR0cHVtYnpkaCJ9fQ&clientID=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&sdkCorrelationID=f99490163b7ca&storageID=uid_1bdc7a0ec6_mtu6ndq6mda&sessionID=uid_0f097419b3_mtu6ndq6mda&buttonSessionID=uid_6ef0de5de5_mtu6ndq6mda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiNWY3MWI5Zjk3YzU3NjA5Y2M2NGUyMTI5YTcyNmZlZTVjYmE5MjUwNiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=EUR&intent=tokenize&commit=true&vault=true&disableFunding.0=venmo&merchantID.0=42W2XRGE3QESU&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

68097c201eb1a1697b219eec719aab8e8b65a50206d03a746d8487f6569b0e73

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"580ba-QVOATeSCDwbH8ZQT16+iU3esKoc"
p3p: true
paypal-debug-id: f813431a3b0d0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
date: Thu, 17 Mar 2022 15:44:01 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4051-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1647531841.486502,VS0,VE264
vary: Accept-Encoding
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-encoding: br

GET
DATA 200
OK truncated
/ Frame 25B0 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 264ms
264ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 264ms
264ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 263ms
263ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 263ms
263ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 263ms
263ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 272ms
272ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 277ms
277ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 276ms
276ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 276ms
276ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 322ms
322ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 273ms
273ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 277ms
277ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 277ms
277ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 271ms
271ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 276ms
276ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 264ms
264ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 262ms
261ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 263ms
263ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 259ms
259ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 260ms
260ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 262ms
262ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame D648 85 KB
14 KB 9ms
9ms Script
text/javascript 2600:9000:2156:a600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 177
x-cache: Hit from cloudfront
date: Thu, 17 Mar 2022 15:41:14 GMT
last-modified: Mon, 07 Mar 2022 19:04:56 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: fPxojdwE3rTaxRRMt-Zaey66poNBeBQFI83x78iMI7pd_2dIpMZ1UA==

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 270ms
270ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=*;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-inv...
adservice.google.com/ddm/fls/z/ Frame 841B 42 B
494 B 176ms
80ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=*;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail

Requested by

Host: 9239798.fls.doubleclick.net
URL: https://9239798.fls.doubleclick.net/activityi;dc_pre=CLLYmLG-zfYCFQr6Gwodmc8Cfg;src=9239798;type=chekopen;cat=ahase0;ord=1060821379456;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9239798.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 4627 0
357 B 404ms
404ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 62
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DDCD 0
357 B 297ms
297ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 24
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7CAC 0
357 B 396ms
395ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 61
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 0171 827 B
1 KB 184ms
183ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aad6f5f2d529b930cae3fe6923bf64e21a740bd0d2dfc58e7dbb58559bd34e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f401529a6b363
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4068-HHN
x-timer: S1647531842.729686,VS0,VE177
etag: W/"33b-6ECxOwN9KYvidpOuSpj2Q/t7ykk"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heart.org
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 183ms
167ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.heart.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.heart.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f40152978caba
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
date: Thu, 17 Mar 2022 15:44:01 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4068-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1647531842.561413,VS0,VE161
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-encoding: br
vary: accept-encoding

GET
H2 200 dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=*;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-inv...
adservice.google.com/ddm/fls/z/ Frame F130 42 B
107 B 158ms
80ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=*;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail

Requested by

Host: 6259436.fls.doubleclick.net
URL: https://6259436.fls.doubleclick.net/activityi;dc_pre=CO_kmLG-zfYCFflDHQkde5IBZw;src=6259436;type=chekopen;cat=ahado0;ord=3436637060411;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6259436.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 236ms
236ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 233ms
233ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 237ms
236ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 278ms
278ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 276ms
275ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4627 207 KB
51 KB 19ms
18ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: 8fb2eb0f-1cfb-47cb-bcd1-45defaf42e4d
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 97

GET
H2 200 controller-eb746c1c52b0aab10eb97d7c95730167.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4627 377 KB
93 KB 20ms
19ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-eb746c1c52b0aab10eb97d7c95730167.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bbbdfb617f128b6224eb8f90c9aae62eb5c30b0711d440fb4ccab964cdc2d801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0986c1cf91e9f902d106d8d5f962ee5a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 21
x-cache: HIT
content-length: 94649
etag: "91f6f563998d2fdcd2bb4ca2ed7e5e91"
x-request-id: bb7b6040-e132-49da-9189-584bd4510273
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 20:22:27 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27

GET
H3 200 pay.js Show response
pay.google.com/gp/p/js/ Frame DDCD 95 KB
30 KB 88ms
67ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9b8ee344d0b51ced5a0634f4a7bed795.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/l9nPkq561vg0x7ZAuCapQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-/l9nPkq561vg0x7ZAuCapQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-/l9nPkq561vg0x7ZAuCapQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-/l9nPkq561vg0x7ZAuCapQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDCD 207 KB
51 KB 21ms
21ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9b8ee344d0b51ced5a0634f4a7bed795.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-9b8ee344d0b51ced5a0634f4a7bed795.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: c5135564-3b2a-4363-aeb7-21f888190e8f
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 99

GET
H2 200 payment-request-inner-google-pay-f37b439d82bf329cbac9a72d53d92f6a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDCD 13 KB
4 KB 27ms
26ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-f37b439d82bf329cbac9a72d53d92f6a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9b8ee344d0b51ced5a0634f4a7bed795.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5ba86bd1f4cc4f3a1575d2075a4474fa3b08bcb6d0b5a7b6e51100f7a3b59b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-9b8ee344d0b51ced5a0634f4a7bed795.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 4384
etag: "8fd69d986507ed1053120facd69b236d"
x-request-id: f8a0f7a1-8b88-47fa-9deb-7ab6a4f5b95e
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:55 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 shared-58c42dfbd0cec8572a5aefcf86e0ccee.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7CAC 207 KB
51 KB 24ms
23ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-59711d7b62bbd49d98d5a40431a1bff5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-59711d7b62bbd49d98d5a40431a1bff5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 51940
etag: "8d8bf60babb833f654af5bc5f9e8b5c4"
x-request-id: c907e1cb-a406-4989-b453-01e5dda8dc28
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 20:11:29 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 99

GET
H2 200 payment-request-inner-browser-579148eaa4c0861be790e2d193160dae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7CAC 11 KB
4 KB 26ms
26ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-579148eaa4c0861be790e2d193160dae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-59711d7b62bbd49d98d5a40431a1bff5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9ef784fd6235d361e4661e2f5dee7cc6d77577985e08fd32ab55de96bd56c8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-59711d7b62bbd49d98d5a40431a1bff5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 55
x-cache: HIT
content-length: 4063
etag: "24b38fa85bc9891f8061475aaff3bff2"
x-request-id: 8c012e77-27bc-4889-834e-29947174b85e
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 20:26:54 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 271ms
271ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 374ms
374ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 372ms
372ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 373ms
373ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 370ms
370ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 370ms
370ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame B9FA 18 KB
7 KB 201ms
198ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.heart.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65765eb8f9ba9cc4e8009405060a6210a79af0998827ead47422131162a5ac92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zv7a5wOIe90Jdt9+2RWEgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-Zv7a5wOIe90Jdt9+2RWEgw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Thu, 17 Mar 2022 15:44:01 GMT
date: Thu, 17 Mar 2022 15:44:01 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-Zv7a5wOIe90Jdt9+2RWEgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-Zv7a5wOIe90Jdt9+2RWEgw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ Frame 0171 55 KB
17 KB 46ms
8ms Script
application/javascript 184.25.114.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.heart.org&t=xo&v=5.0.288&source=payments_sdk&mrid=42W2XRGE3QESU&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.25.114.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-114-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

a4b749626aab6395c52aed1a8016aa5f6c4c8ca60cf771c0d8ce54202a53e725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
date: Thu, 17 Mar 2022 15:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
etag: W/"622a407f-dad7"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: cd2c3ab99398c
cache-control: s-maxage=31536000, public,max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 16529

GET
H2 200 ts
t.paypal.com/ Frame 0171 42 B
691 B 195ms
161ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A42W2XRGE3QESU-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A42W2XRGE3QESU-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=bdad9d53-2fbd-497f-b896-6cc843524c26&fltp=analytics&mrid=42W2XRGE3QESU&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1647531840910&g=0&completeurl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F18) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:01 GMT
content-type: image/gif
server: ECAcc (frc/8F18)
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 497a09bba6092
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc=,x-cdn;desc=edgecast,edge;dur=153
timing-allow-origin: *
content-length: 42
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1679298562291128&ev=PageView&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840914&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=736154100088324&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840916&cd[content_name]=FY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue&cd[content_ids]=%5B%22FUNFQSZWRFW%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1716007538720452&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840917&cd[content_name]=FY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue&cd[content_ids]=%5B%22FUNFQSZWRFW%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=566975180179047&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840918&cd[content_name]=FY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue&cd[content_ids]=%5B%22FUNFQSZWRFW%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 12ms
11ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=454054155084786&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840918&cd[content_name]=FY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue&cd[content_ids]=%5B%22FUNFQSZWRFW%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=28&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 12ms
11ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=640841653478511&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840920&cd[content_name]=FY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue&cd[content_ids]=%5B%22FUNFQSZWRFW%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
11ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1679298562291128&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840921&cd[content_name]=FY22%20-%2003_Mar%20-%20Heart%20-%20Donate%20Form%20%7C%20General%20Revenue&cd[content_ids]=%5B%22FUNFQSZWRFW%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=28&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
12ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=736154100088324&ev=Microdata&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840921&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association%22%2C%22meta%3Adescription%22%3A%22Join%20the%20fight%20against%20our%20nations%20No.%201%20and%20No.%205%20killers%20-%20heart%20disease%20and%20stroke%20-%20and%20find%20out%20how%20to%20give%20and%20donate%20to%20the%20American%20Heart%20Association.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Ways%20to%20Give%20%7C%20Make%20a%20Donation%22%2C%22og%3Adescription%22%3A%22Join%20the%20fight%20against%20our%20nations%20No.%201%20and%20No.%205%20killers%20-%20heart%20disease%20and%20stroke%20-%20and%20find%20out%20how%20to%20give%20and%20donate%20to%20the%20American%20Heart%20Association.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.heart.org%2F-%2Fmedia%2FImages%2FGet-Involved%2FWays-to-Give%2FAHA2010CROWTGImg05.jpg%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%22%2C%22og%3Asite_name%22%3A%22www.heart.org%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
12ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1716007538720452&ev=Microdata&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840922&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association%22%2C%22meta%3Adescription%22%3A%22Join%20the%20fight%20against%20our%20nations%20No.%201%20and%20No.%205%20killers%20-%20heart%20disease%20and%20stroke%20-%20and%20find%20out%20how%20to%20give%20and%20donate%20to%20the%20American%20Heart%20Association.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Ways%20to%20Give%20%7C%20Make%20a%20Donation%22%2C%22og%3Adescription%22%3A%22Join%20the%20fight%20against%20our%20nations%20No.%201%20and%20No.%205%20killers%20-%20heart%20disease%20and%20stroke%20-%20and%20find%20out%20how%20to%20give%20and%20donate%20to%20the%20American%20Heart%20Association.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.heart.org%2F-%2Fmedia%2FImages%2FGet-Involved%2FWays-to-Give%2FAHA2010CROWTGImg05.jpg%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%22%2C%22og%3Asite_name%22%3A%22www.heart.org%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
12ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=566975180179047&ev=Microdata&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531840923&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association%22%2C%22meta%3Adescription%22%3A%22Join%20the%20fight%20against%20our%20nations%20No.%201%20and%20No.%205%20killers%20-%20heart%20disease%20and%20stroke%20-%20and%20find%20out%20how%20to%20give%20and%20donate%20to%20the%20American%20Heart%20Association.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Ways%20to%20Give%20%7C%20Make%20a%20Donation%22%2C%22og%3Adescription%22%3A%22Join%20the%20fight%20against%20our%20nations%20No.%201%20and%20No.%205%20killers%20-%20heart%20disease%20and%20stroke%20-%20and%20find%20out%20how%20to%20give%20and%20donate%20to%20the%20American%20Heart%20Association.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.heart.org%2F-%2Fmedia%2FImages%2FGet-Involved%2FWays-to-Give%2FAHA2010CROWTGImg05.jpg%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%22%2C%22og%3Asite_name%22%3A%22www.heart.org%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2166 0
127 B 327ms
327ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 328ms
327ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK update Show response
app.cybba.solutions/event/852/ 200 B
510 B 332ms
140ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/852/update?data=%7B%22userId%22%3A%225091755939314195%22%2C%22sessionId%22%3A%22824772104931488531%22%2C%22type%22%3A%22update%22%2C%22lastVisitDate%22%3A1647531840428%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=26614314

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/heart.org/loader.min.js?v=36068

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

0a3b02030623edef416ca86ac10007b7b9181f412a530276d86a3f06f940124b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:44:01 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 17 Mar 2022 15:44:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame D648 156 B
522 B 578ms
217ms XHR
application/json 34.216.95.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.95.44 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-95-44.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1b4ecfc977026a8aee425779df4f4eebd3df6c064997cda150b2220983a39bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 183ms
183ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 6D00 54 KB
17 KB 8ms
8ms Document
text/html 184.25.114.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.25.114.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-114-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

1b8f3d676f1df1ca5867197fb16660fe565e70b9c6cd4176985a522df98e6d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

cache-control: s-maxage=31536000 public,max-age=3600
content-encoding: gzip
content-type: text/html
etag: W/"622a407f-d994"
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
paypal-debug-id: 35bde807ed88e
surrogate-control: max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
content-length: 16790
date: Thu, 17 Mar 2022 15:44:01 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 174ms
174ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 174ms
174ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 175ms
174ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 174ms
174ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 172ms
171ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 172ms
172ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 172ms
172ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 173ms
173ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame B9FA 2 KB
2 KB 18ms
18ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.heart.org&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame D809 319 KB
98 KB 27ms
27ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=silver&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZibTY5aWc4bk1STG1aS1MtUW9PTnE3cUlIUHFscFlKMWwzdnl4RV9sYS1VWlBVX2VFa0tIMkhScEhGa2w3U05KOGFfZUt2RGtjVDktTXkmbWVyY2hhbnQtaWQ9NDJXMlhSR0UzUUVTVSZjdXJyZW5jeT1FVVImZGlzYWJsZS1mdW5kaW5nPXZlbm1vJmxvY2FsZT1lbl9VUyZpbnRlbnQ9dG9rZW5pemUmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3BsdHJtZ2hqZXVtYWxsb2lzc2RqaHR0cHVtYnpkaCJ9fQ&clientID=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&sdkCorrelationID=f99490163b7ca&storageID=uid_1bdc7a0ec6_mtu6ndq6mda&sessionID=uid_0f097419b3_mtu6ndq6mda&buttonSessionID=uid_6ef0de5de5_mtu6ndq6mda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiNWY3MWI5Zjk3YzU3NjA5Y2M2NGUyMTI5YTcyNmZlZTVjYmE5MjUwNiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=EUR&intent=tokenize&commit=true&vault=true&disableFunding.0=venmo&merchantID.0=42W2XRGE3QESU&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcdcfac9afdd5966491176a0460eb8a9c4a9e315c2ee577faa43cca1e8ba6d1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-oVA4lnJ6HpHGn4KLCBkKzxn2CmR5uqWAN5KWwHUxZc59UVpO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-oVA4lnJ6HpHGn4KLCBkKzxn2CmR5uqWAN5KWwHUxZc59UVpO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=silver&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZibTY5aWc4bk1STG1aS1MtUW9PTnE3cUlIUHFscFlKMWwzdnl4RV9sYS1VWlBVX2VFa0tIMkhScEhGa2w3U05KOGFfZUt2RGtjVDktTXkmbWVyY2hhbnQtaWQ9NDJXMlhSR0UzUUVTVSZjdXJyZW5jeT1FVVImZGlzYWJsZS1mdW5kaW5nPXZlbm1vJmxvY2FsZT1lbl9VUyZpbnRlbnQ9dG9rZW5pemUmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3BsdHJtZ2hqZXVtYWxsb2lzc2RqaHR0cHVtYnpkaCJ9fQ&clientID=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&sdkCorrelationID=f99490163b7ca&storageID=uid_1bdc7a0ec6_mtu6ndq6mda&sessionID=uid_0f097419b3_mtu6ndq6mda&buttonSessionID=uid_6ef0de5de5_mtu6ndq6mda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiNWY3MWI5Zjk3YzU3NjA5Y2M2NGUyMTI5YTcyNmZlZTVjYmE5MjUwNiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=EUR&intent=tokenize&commit=true&vault=true&disableFunding.0=venmo&merchantID.0=42W2XRGE3QESU&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-oVA4lnJ6HpHGn4KLCBkKzxn2CmR5uqWAN5KWwHUxZc59UVpO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-oVA4lnJ6HpHGn4KLCBkKzxn2CmR5uqWAN5KWwHUxZc59UVpO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 3432
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f538625a1c1dd
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 99092
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4051-HHN
x-timer: S1647531842.821644,VS0,VE3
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 15:44:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"18314-OTNvn051PpQShOcconvyQhlDswQ"
accept-ranges: bytes
x-cache-hits: 2

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 4844 18 KB
7 KB 89ms
89ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0db90304d9188c326ca4fe74063f6e26467e7d41ce9ab3903a01a4fa2d256c87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TMZo8iIjZXtXjTYabZGXPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-TMZo8iIjZXtXjTYabZGXPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Thu, 17 Mar 2022 15:44:01 GMT
date: Thu, 17 Mar 2022 15:44:01 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-TMZo8iIjZXtXjTYabZGXPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-TMZo8iIjZXtXjTYabZGXPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 banks-1153b3a931eb8fa2b3473230165e1828.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 3123 4 KB
1 KB 679ms
678ms XHR
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/banks-1153b3a931eb8fa2b3473230165e1828.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

474b08d3c200c99a5833418a238c0b27898363849764c2e5adc6c5622848204a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-b853e654c4ce0dc06b761c4998826359.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 0
x-cache: HIT
content-length: 1326
etag: "1153b3a931eb8fa2b3473230165e1828"
x-request-id: 46cffac3-f7b8-4d12-847c-238711162e3f
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Wed, 09 Mar 2022 17:14:04 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:02 GMT
vary: Accept-Encoding
content-type: application/json
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame B9FA 150 KB
53 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.heart.org&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842340a8afa4a6486572d981f1abba57138d87ba83c3e5e0b2e50583de3ddeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53602
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 03:24:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:34 GMT

GET
DATA 200
OK truncated
/ Frame D809 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 173ms
172ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 174ms
174ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 tb
fndrsp.net/ 2 B
562 B 154ms
135ms Ping
text/plain 104.26.8.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ARMPCVPV

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvmpwHpNnkJfeETofa6b5RyeTEz7OZQ71M6AJW6gde4bAhYYSzjkVyPo1IVBUqHKPVoiqy18i4Z3MWWKvqrfY%2BJgxjLvUOksh%2BRcC15j4efFNLOFHorIiXYFCtI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.heart.org
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d8fc3e769be9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 tb
fndrsp-checkout.net/ 2 B
577 B 375ms
355ms Ping
text/plain 172.67.74.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp-checkout.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ARMPCVPV

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5W5wPS3peAHdrO5jNN9q3GfoKh8fdxDxGNUKh%2BD3YLe5RF8GPEXOKhVSR6CYrMf8L1yW8pUjZaeNgk%2FjjeUh3Saj%2FLBmPMy7v%2FPIC4WfU%2B7ufYgTZ%2BMQ0QXjuhE6OTOJmW4fFoQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.heart.org
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d8fc3a30910c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ts
t.paypal.com/ Frame 0171 42 B
477 B 175ms
175ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A42W2XRGE3QESU-1&page=muse%3Aoffer%3A%3A%3A42W2XRGE3QESU-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=bdad9d53-2fbd-497f-b896-6cc843524c26&es=visitorInfoFlowStarted&mrid=42W2XRGE3QESU&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1647531841249&g=0&completeurl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_source%3D%26utm_medium%3Demail%26utm_campaign%3D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F18) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:02 GMT
content-type: image/gif
server: ECAcc (frc/8F18)
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: a1645350c86ac
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc=,x-cdn;desc=edgecast,edge;dur=169
timing-allow-origin: *
content-length: 42
expires: Thu, 17 Mar 2022 15:44:02 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 172ms
171ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 11ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=640841653478511&ev=Microdata&dl=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&rl=&if=false&ts=1647531841253&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association%22%2C%22meta%3Adescription%22%3A%22Join%20the%20fight%20against%20our%20nations%20No.%201%20and%20No.%205%20killers%20-%20heart%20disease%20and%20stroke%20-%20and%20find%20out%20how%20to%20give%20and%20donate%20to%20the%20American%20Heart%20Association.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Ways%20to%20Give%20%7C%20Make%20a%20Donation%22%2C%22og%3Adescription%22%3A%22Join%20the%20fight%20against%20our%20nations%20No.%201%20and%20No.%205%20killers%20-%20heart%20disease%20and%20stroke%20-%20and%20find%20out%20how%20to%20give%20and%20donate%20to%20the%20American%20Heart%20Association.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.heart.org%2F-%2Fmedia%2FImages%2FGet-Involved%2FWays-to-Give%2FAHA2010CROWTGImg05.jpg%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%22%2C%22og%3Asite_name%22%3A%22www.heart.org%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1647531839576.529999894&it=1647531839347&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 15:44:01 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 4844 2 KB
2 KB 18ms
17ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:01 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 6D00 435 B
2 KB 263ms
263ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

283d3f8c188514bfb3d7ccd3506a04584d8ef53f74f7722f8d8ed176d674d322

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-dRkiAAOMVr1B7cP5QB7IEWjeL14TNcWcM9t3Zmhad44LRkWe' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-dRkiAAOMVr1B7cP5QB7IEWjeL14TNcWcM9t3Zmhad44LRkWe' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f40152953021f
date: Thu, 17 Mar 2022 15:44:02 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4051-HHN
x-timer: S1647531842.133407,VS0,VE256
x-frame-options: SAMEORIGIN
etag: W/"1b3-ZWxeyW2zefeBeMOJucGWMCUUMC4"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 186ms
186ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f401529049b87
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:02 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4068-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1647531842.945983,VS0,VE179
server-timing: content-encoding;desc="",x-cdn;desc="fastly"

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 4844 150 KB
52 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842340a8afa4a6486572d981f1abba57138d87ba83c3e5e0b2e50583de3ddeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53602
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 03:24:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:34 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI... Frame B9FA 36 KB
13 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f89902a61c0e2296ee7940b127721a099f122f289a14b02ede4b2bededdcf91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:34 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI... Frame B9FA 75 KB
28 KB 89ms
54ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8314c893aa0da9d7f0c8630985425f658cb94cac85465730550cad47860ecf14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28156
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:34 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI... Frame 4844 36 KB
13 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f89902a61c0e2296ee7940b127721a099f122f289a14b02ede4b2bededdcf91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:34 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI... Frame 4844 75 KB
28 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8314c893aa0da9d7f0c8630985425f658cb94cac85465730550cad47860ecf14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28156
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:34 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B9FA 49 KB
20 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5956
date: Thu, 17 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 16:04:46 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame B9FA 1 MB
347 KB 85ms
85ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b29b6035d0608397f849696b32e7fe490db08a7bda54822cb867bd900fcdd84b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-hGLgqremNOb5w7izfxkZ7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-hGLgqremNOb5w7izfxkZ7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Thu, 17 Mar 2022 15:44:02 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-hGLgqremNOb5w7izfxkZ7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-hGLgqremNOb5w7izfxkZ7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Thu, 17 Mar 2022 15:44:02 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4844 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5956
date: Thu, 17 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 16:04:46 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 4844 1 MB
347 KB 74ms
74ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1de7e26fa32d90f6a4a3ffc2335165000b3070d0c724a63f2261b69376c6abf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PqwibceMPGr5tofMSYu4zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-PqwibceMPGr5tofMSYu4zQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Thu, 17 Mar 2022 15:44:02 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-PqwibceMPGr5tofMSYu4zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-PqwibceMPGr5tofMSYu4zQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Thu, 17 Mar 2022 15:44:02 GMT

POST
H3 200 log Show response
play.google.com/ Frame B9FA 131 B
155 B 96ms
49ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 130ms
43ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame B9FA 131 B
155 B 67ms
52ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 161ms
79ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame B9FA 131 B
155 B 101ms
53ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 121ms
44ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame B9FA 131 B
155 B 68ms
52ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 151ms
78ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame B9FA 131 B
155 B 67ms
51ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 147ms
78ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame B9FA 131 B
155 B 98ms
52ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 109ms
45ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI... Frame B9FA 17 KB
7 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29439d371683188ece811811b30178f817220949d3e7763ef2386b9499b0b2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7212
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:35 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI... Frame B9FA 7 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823cdcf7d4007b6c8fc416a8e74a8618583abd8cb3f18d0e4bb4c19b40d0362e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3071
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:35 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4844 131 B
155 B 96ms
50ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 86ms
45ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4844 131 B
155 B 95ms
48ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 79ms
43ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4844 131 B
155 B 98ms
51ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 75ms
44ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4844 131 B
155 B 103ms
56ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 70ms
46ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4844 131 B
155 B 68ms
51ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 95ms
77ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI... Frame 4844 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29439d371683188ece811811b30178f817220949d3e7763ef2386b9499b0b2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7212
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:35 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI... Frame 4844 7 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5mI9YSmC_Ik.L.B1.O/am=DAAC/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrgHKskjWNl-yARp4Cz9l89y8N-RAQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823cdcf7d4007b6c8fc416a8e74a8618583abd8cb3f18d0e4bb4c19b40d0362e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3071
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:30:35 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4844 131 B
155 B 98ms
51ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 52ms
45ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 17 Mar 2022 15:44:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Mar 2022 15:44:02 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 172ms
171ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 170ms
170ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame B9FA 131 B
671 B 134ms
50ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame D809 56 KB
19 KB 46ms
8ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58744
x-cache: HIT
paypal-debug-id: 5330b0a2ed6e9
x-cache-hits: 35276
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19345
via: 1.1 varnish
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 01 Mar 2022 17:38:12 GMT
x-timer: S1647531842.491106,VS0,VE1
etag: W/"621e5a04-de78"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:44:02 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 172ms
172ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 172ms
171ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 171ms
171ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 log Show response
play.google.com/ Frame 4844 131 B
155 B 92ms
50ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Xp6XMgasO8Y.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhErt4lhzQrNOOmjtn7BEucLp_Jiw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 17 Mar 2022 15:44:02 GMT

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 62F1 160 B
883 B 171ms
171ms Document
text/html 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/

Response headers

correlation-id: fa0333cfa03db
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: fa0333cfa03db
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
date: Thu, 17 Mar 2022 15:44:02 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4020-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1647531843.516090,VS0,VE165
vary: Accept-Encoding
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-encoding: br

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 68A3
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_0f097419b3_mtu6ndq6mda&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_0f097419b3_mtu6ndq6mda&s=SMART_PAYMENT_BUTTONS

42 B
299 B

106ms
34ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_0f097419b3_mtu6ndq6mda&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=silver&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZibTY5aWc4bk1STG1aS1MtUW9PTnE3cUlIUHFscFlKMWwzdnl4RV9sYS1VWlBVX2VFa0tIMkhScEhGa2w3U05KOGFfZUt2RGtjVDktTXkmbWVyY2hhbnQtaWQ9NDJXMlhSR0UzUUVTVSZjdXJyZW5jeT1FVVImZGlzYWJsZS1mdW5kaW5nPXZlbm1vJmxvY2FsZT1lbl9VUyZpbnRlbnQ9dG9rZW5pemUmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3BsdHJtZ2hqZXVtYWxsb2lzc2RqaHR0cHVtYnpkaCJ9fQ&clientID=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&sdkCorrelationID=f99490163b7ca&storageID=uid_1bdc7a0ec6_mtu6ndq6mda&sessionID=uid_0f097419b3_mtu6ndq6mda&buttonSessionID=uid_6ef0de5de5_mtu6ndq6mda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiNWY3MWI5Zjk3YzU3NjA5Y2M2NGUyMTI5YTcyNmZlZTVjYmE5MjUwNiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=EUR&intent=tokenize&commit=true&vault=true&disableFunding.0=venmo&merchantID.0=42W2XRGE3QESU&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:44:02 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_0f097419b3_mtu6ndq6mda&s=SMART_PAYMENT_BUTTONS
Date: Thu, 17 Mar 2022 15:44:02 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame D809 852 B
1 KB 209ms
208ms Ping
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

782ff3b6c9187a108c072fb0fac8b266acbfbdec0cd59c634e8a2543cb77569e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=silver&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZibTY5aWc4bk1STG1aS1MtUW9PTnE3cUlIUHFscFlKMWwzdnl4RV9sYS1VWlBVX2VFa0tIMkhScEhGa2w3U05KOGFfZUt2RGtjVDktTXkmbWVyY2hhbnQtaWQ9NDJXMlhSR0UzUUVTVSZjdXJyZW5jeT1FVVImZGlzYWJsZS1mdW5kaW5nPXZlbm1vJmxvY2FsZT1lbl9VUyZpbnRlbnQ9dG9rZW5pemUmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3BsdHJtZ2hqZXVtYWxsb2lzc2RqaHR0cHVtYnpkaCJ9fQ&clientID=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&sdkCorrelationID=f99490163b7ca&storageID=uid_1bdc7a0ec6_mtu6ndq6mda&sessionID=uid_0f097419b3_mtu6ndq6mda&buttonSessionID=uid_6ef0de5de5_mtu6ndq6mda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiNWY3MWI5Zjk3YzU3NjA5Y2M2NGUyMTI5YTcyNmZlZTVjYmE5MjUwNiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=EUR&intent=tokenize&commit=true&vault=true&disableFunding.0=venmo&merchantID.0=42W2XRGE3QESU&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f9607319ee74a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4051-HHN
x-timer: S1647531843.552058,VS0,VE192
etag: W/"354-+mTjWhLIuFySOjAr1AEz9U5Cjlk"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 29 B
876 B 23ms
23ms Fetch
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

979838a158748688b0f09e2ce89e912cf282093cf8af3c65bc59db67de8de7a0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 15:44:02 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53715c0a-6567-4d82-b012-b83625e3507f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.heart.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 29
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK generic Show response
app.cybba.solutions/event/852/ 200 B
510 B 286ms
98ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/852/generic?data=%7B%22userId%22%3A%225091755939314195%22%2C%22sessionId%22%3A%22824772104931488531%22%2C%22type%22%3A%22generic%22%2C%22generic%22%3A%7B%22event_name%22%3A%22zandruid%22%2C%22itemId%22%3A%221785056087851491962%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=53563623

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/heart.org/loader.min.js?v=36068

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

0a3b02030623edef416ca86ac10007b7b9181f412a530276d86a3f06f940124b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:44:02 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 17 Mar 2022 15:44:01 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 62F1 56 KB
19 KB 8ms
8ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58744
x-cache: HIT
paypal-debug-id: 5330b0a2ed6e9
x-cache-hits: 35277
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19345
via: 1.1 varnish
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 01 Mar 2022 17:38:12 GMT
x-timer: S1647531843.698660,VS0,VE1
etag: W/"621e5a04-de78"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 15:44:02 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 62F1 125 B
603 B 193ms
193ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4e1b75b68a49bd6b721712de809218a7ecdb332d8f4cf7a6528aefa960d5d07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 15:44:02 GMT
via: 1.1 varnish
correlation-id: 71717893f8ebe
x-served-by: cache-hhn4020-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 71717893f8ebe
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame 62F1 15 B
175 B 165ms
164ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
via: 1.1 varnish
correlation-id: a207a6d7188ad
x-served-by: cache-hhn4020-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
content-type: application/json
paypal-debug-id: a207a6d7188ad
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 15
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 62F1 0
112 B 259ms
229ms Image
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_0f097419b3_mtu6ndq6mda&s=SMART_PAYMENT_BUTTONS

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F48) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
correlation-id: 26f790f0c75e3
server: ECAcc (frc/8F48)
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 26f790f0c75e3
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc=,x-cdn;desc=edgecast,edge;dur=224
timing-allow-origin: *
content-length: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame D809 847 B
799 B 199ms
198ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad64b80efed1838cb3649d06bc6f4df0491270e61776f8d1ac8e6b7788b4f8f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=silver&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWZibTY5aWc4bk1STG1aS1MtUW9PTnE3cUlIUHFscFlKMWwzdnl4RV9sYS1VWlBVX2VFa0tIMkhScEhGa2w3U05KOGFfZUt2RGtjVDktTXkmbWVyY2hhbnQtaWQ9NDJXMlhSR0UzUUVTVSZjdXJyZW5jeT1FVVImZGlzYWJsZS1mdW5kaW5nPXZlbm1vJmxvY2FsZT1lbl9VUyZpbnRlbnQ9dG9rZW5pemUmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3BsdHJtZ2hqZXVtYWxsb2lzc2RqaHR0cHVtYnpkaCJ9fQ&clientID=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&sdkCorrelationID=f99490163b7ca&storageID=uid_1bdc7a0ec6_mtu6ndq6mda&sessionID=uid_0f097419b3_mtu6ndq6mda&buttonSessionID=uid_6ef0de5de5_mtu6ndq6mda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiNWY3MWI5Zjk3YzU3NjA5Y2M2NGUyMTI5YTcyNmZlZTVjYmE5MjUwNiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=EUR&intent=tokenize&commit=true&vault=true&disableFunding.0=venmo&merchantID.0=42W2XRGE3QESU&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Thu, 17 Mar 2022 15:44:02 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f960731cdb02d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4051-HHN
x-timer: S1647531843.766338,VS0,VE189
etag: W/"34f-Qjq/sJn08cBsGYDVWayMSSqMSXM"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 m-outer-9fe86c29346daf61dc2cc0586b4fad18.html Show response
js.stripe.com/v3/ Frame B25B 240 B
547 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

last-modified: Fri, 11 Mar 2022 19:55:40 GMT
etag: "9fe86c29346daf61dc2cc0586b4fad18"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 17 Mar 2022 15:44:02 GMT
via: 1.1 varnish
age: 57823
x-request-id: 4506e254-f4ca-4682-a1ae-ea13b9edf100
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 27985
vary: Accept-Encoding
timing-allow-origin: *
content-length: 140

POST
H2 200 0 Show response
r.stripe.com/ Frame 4627 0
127 B 172ms
172ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/936930558/ 2 KB
1 KB 50ms
50ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/936930558/?random=1647531842232&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1d4a36b8fc4ca86fa83216a410512ba7b2b986b5d0d64d5e98fb54980d121669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2... Show response
9239798.fls.doubleclick.net/ Frame A42E
Redirect Chain

https://9239798.fls.doubleclick.net/activityi;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F...
https://9239798.fls.doubleclick.net/activityi;dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E0...

607 B
490 B

52ms
52ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9239798.fls.doubleclick.net/activityi;dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9239798&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef973d2ed848b1c016035f99030f76de9ef27bf7657312d85ae405ec09561ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Mar 2022 15:44:03 GMT
expires: Thu, 17 Mar 2022 15:44:03 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 467
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Mar 2022 15:44:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9239798.fls.doubleclick.net/activityi;dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2... Show response
6259436.fls.doubleclick.net/ Frame E805
Redirect Chain

https://6259436.fls.doubleclick.net/activityi;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F...
https://6259436.fls.doubleclick.net/activityi;dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E0...

607 B
490 B

57ms
57ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6259436.fls.doubleclick.net/activityi;dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6259436&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

a7dc7fce45bed5fa7757e0590fc0d0e329ee01d707994147cbf231991fbf5a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Mar 2022 15:44:03 GMT
expires: Thu, 17 Mar 2022 15:44:03 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 467
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 17 Mar 2022 15:44:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6259436.fls.doubleclick.net/activityi;dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 btp.js Show response
www.rtb123.com/tags/4E98FE08-F988-4E87-A752-749BE3251940/ 3 KB
1 KB 109ms
108ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/4E98FE08-F988-4E87-A752-749BE3251940/btp.js
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 59955dbff32264466c89071184c4388e8a640649369820dd4d4cd362ea04283b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 17 Mar 2022 15:44:02 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 13:14:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0ea593ea1a8d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1127

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 720F 0
181 B 101ms
31ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vy0u2pj&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=pve3oem&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

date: Thu, 17 Mar 2022 15:44:03 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame E5AD 0
182 B 99ms
30ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=7ikm8d0&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=c4u3880&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

date: Thu, 17 Mar 2022 15:44:03 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 692D 0
181 B 98ms
31ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ozigltp&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=4lnsnax&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

date: Thu, 17 Mar 2022 15:44:03 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 17BF 0
181 B 97ms
30ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vy0u2pj&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=pve3oem&upv=1.1.0&v=&td1=&td2=&td3=Checkout%20Open
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

date: Thu, 17 Mar 2022 15:44:03 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 csp-report
q.stripe.com/ Frame B25B 0
356 B 169ms
169ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.heart.org
URL: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_source=&utm_medium=email&utm_campaign=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:03 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 0
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame D6E2 0
181 B 88ms
31ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vy0u2pj&ref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&upid=pve3oem&upv=1.1.0&v=&td1=&td2=&td3=Checkout%20Open
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/

Response headers

date: Thu, 17 Mar 2022 15:44:03 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 m-outer-7345858512d328389831b5c353d30a99.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B25B 1 KB
800 B 10ms
10ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 39
x-cache: HIT
content-length: 645
etag: "d0c7e21ec457b6a134a496f107c3ca93"
x-request-id: f5a583e5-61f1-438c-8567-3e9170e9560e
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Mon, 07 Mar 2022 20:10:26 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:02 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 91

GET
H3

200

/
www.google.de/pagead/1p-conversion/936930558/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936930558/?random=1528831774&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/936930558/?random=1528831774&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/936930558/?random=1528831774&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

85ms
85ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/936930558/?random=1528831774&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=QlczYuHeOI-8x_APlrCnqAo&cid=CAQSKQCNIrLMKzBd4RU08mirT8QMDYY-rxdf2_T8PqA6qxyn6jq_0k8TuB5X&random=3992305033&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hB1QRKZghHBya_UMrWsbaZ88QvrAxFnK2yDUMMKUDK3_a1A20dUMo8PBYcmXx2aORT0srZ9fUV72x4xA_PqWOPl

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/936930558/?random=1528831774&cv=9&fst=1647531842232&num=1&label=fqxKCMqhg4ACEP7Z4b4D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail&tiba=Ways%20to%20Give%20%7C%20Make%20a%20Donation%20%7C%20American%20Heart%20Association&auid=178462528.1647531839&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=QlczYuHeOI-8x_APlrCnqAo&cid=CAQSKQCNIrLMKzBd4RU08mirT8QMDYY-rxdf2_T8PqA6qxyn6jq_0k8TuB5X&random=3992305033&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hB1QRKZghHBya_UMrWsbaZ88QvrAxFnK2yDUMMKUDK3_a1A20dUMo8PBYcmXx2aORT0srZ9fUV72x4xA_PqWOPl
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D126 932 B
2 KB 9ms
8ms Document
text/html 2600:9000:2156:a600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Mon, 07 Mar 2022 19:04:54 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Thu, 17 Mar 2022 15:42:47 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 45MyXqB6hrqrqqhTW6lUfTGmhsqBTG7vVAewJvAdXf4Oq4hgeY2CMg==
age: 76

POST
H2 200 csp-report
q.stripe.com/ Frame D126 0
130 B 169ms
169ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Mar 2022 15:44:03 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame D126 85 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:2156:a600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 178
x-cache: Hit from cloudfront
date: Thu, 17 Mar 2022 15:41:14 GMT
last-modified: Mon, 07 Mar 2022 19:04:56 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: B0Pnnq4uNNA7n5T_HnEzZbSr-QT_qTJPs5z__Cl4E9pakIJdv6aBlQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame D126 156 B
521 B 171ms
171ms XHR
application/json 34.216.95.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.95.44 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-95-44.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8b588d8c63f911dfbf110aa0f029c758fcbaac0d0fd3406d1a6a1292a2ba3a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:03 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=*;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-inv...
adservice.google.com/ddm/fls/z/ Frame A42E 42 B
63 B 131ms
84ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=*;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail

Requested by

Host: 9239798.fls.doubleclick.net
URL: https://9239798.fls.doubleclick.net/activityi;dc_pre=CLSFhbK-zfYCFRaYhQodnX0DZQ;src=9239798;type=chekopen;cat=ahase0;ord=9804078728994;gtm=2od3g0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9239798.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=*;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-inv...
adservice.google.com/ddm/fls/z/ Frame E805 42 B
63 B 91ms
86ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=*;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail

Requested by

Host: 6259436.fls.doubleclick.net
URL: https://6259436.fls.doubleclick.net/activityi;dc_pre=CKrahbK-zfYCFVKfhQod8SILeQ;src=6259436;type=chekopen;cat=ahado0;ord=5651590283438;gtm=2od3e0;auiddc=178462528.1647531839;u5=22I1W3AEMG;u6=DDR_E03a_mar22_em1_gen;~oref=https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6259436.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 15:44:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pageview Show response
app.cybba.solutions/event/852/ 200 B
510 B 289ms
99ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/852/pageview?data=%7B%22userId%22%3A%225091755939314195%22%2C%22sessionId%22%3A%22824772104931488531%22%2C%22type%22%3A%22pageview%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heart.org%2Fen%2Fget-involved%2Fways-to-give%3Fform%3DFUNFQSZWRFW%26s_src%3D22I1W3AEMG%26s_subsrc%3DDDR_E03a_mar22_em1_gen%26sc_camp%3D5588B7A707CD4773E67277371D719056%26utm_medium%3Demail%22%2C%22generic%22%3A%7B%22itemId%22%3A%22DE%7CHesse%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=22435895

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/heart.org/loader.min.js?v=36068

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

0a3b02030623edef416ca86ac10007b7b9181f412a530276d86a3f06f940124b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 15:44:03 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 17 Mar 2022 15:44:02 GMT

GET
H2 200 trusted-types-checker-d94f0d11e834f7fa478e6019ceb5f82f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0171 174 B
423 B 7ms
6ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-d94f0d11e834f7fa478e6019ceb5f82f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

414920313c75c6d7e67834792991545719672c8552735628553bc5033255a0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 24
x-cache: HIT
content-length: 120
etag: "c09952c736b1c994b451192b7801b692"
x-request-id: 2f605513-58b5-48c5-8e7b-85b1840ce095
x-served-by: cache-hhn4020-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:44 GMT
server: Fastly
date: Thu, 17 Mar 2022 15:44:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

POST
H2 200 0 Show response
r.stripe.com/ Frame FDFE 0
127 B 171ms
170ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-58c42dfbd0cec8572a5aefcf86e0ccee.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 17 Mar 2022 15:44:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 DR_March_lightbox.jpg
www.heart.org/-/media/Direct-Response-Images/March-2022/ 84 KB
84 KB 238ms
238ms Image
image/jpeg 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Direct-Response-Images/March-2022/DR_March_lightbox.jpg?h=479&w=900&hash=17C65F7032102D6564E916AA0B79424C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4264d4a7322771b6e0882fa1efceb48f95d9764fb46d53fbe8e65ca80620ba9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:06 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 13:45:01 GMT
x-amz-cf-pop: FRA50-C1
etag: 90b6fb2072174bb98ffb203104f9dc8b
x-azure-ref: 0RlczYgAAAACKJMZhRy43RIUHxFLCDzlsTE9OMjFFREdFMDIxMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="DR_March_lightbox.jpg"
accept-ranges: bytes
content-length: 85774
x-amz-cf-id: PIUudvvTlcyc6Od9DxaBogHe7AhAy32KV8ryz53UjzPxdQelrwiryw==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

POST
H3 200 resolve Show response
api.fundraiseup.com/widget/v4/ 612 B
731 B 131ms
130ms XHR
application/json 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/widget/v4/resolve?key=ARMPCVPV&livemode=true

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.678514a0cd01.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86a30564aaade2f54f1731f36d3e36591d37b9df7e134ab3bdacbe86f17ff0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:06 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, x-xsrf-token
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.heart.org
access-control-max-age: 86400
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d91a1bb3906d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 tb
fndrsp.net/ 2 B
525 B 127ms
127ms Ping
text/plain 104.26.8.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ARMPCVPV

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.heart.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 15:44:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EbPEkV2zrqMUoqMlN8YJz9l6tIW621d2OEWawFFqrelx2FnlxUHdjEP7OD3qVQI2SiNSMNnTungp8PiZvUkD8rXLwnRCyHre3qGldr7IxyjqsvqUd%2F9Fz%2B4Ie8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.heart.org
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6ed6d91b88c29be9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 DR_March_lightbox.jpg
www.heart.org/-/media/Direct-Response-Images/March-2022/ 84 KB
84 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:f400:1a:380b:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heart.org/-/media/Direct-Response-Images/March-2022/DR_March_lightbox.jpg?h=479&w=900&hash=17C65F7032102D6564E916AA0B79424C
Requested by: Host: www.heart.org
URL: https://www.heart.org/dist/common/app.bundle.js?v=1.28.2.32175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:1a:380b:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4264d4a7322771b6e0882fa1efceb48f95d9764fb46d53fbe8e65ca80620ba9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heart.org/en/get-involved/ways-to-give?form=FUNFQSZWRFW&s_src=22I1W3AEMG&s_subsrc=DDR_E03a_mar22_em1_gen&sc_camp=5588B7A707CD4773E67277371D719056&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:44:06 GMT
via: 1.1 fra1-bit25, 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 13:45:01 GMT
age: 1
etag: 90b6fb2072174bb98ffb203104f9dc8b
x-azure-ref: 0RlczYgAAAACKJMZhRy43RIUHxFLCDzlsTE9OMjFFREdFMDIxMgBiMWUwNjg5Yi0wNGRlLTQ3ZDUtOWQ4OC0wZjU5ZjEyZjkzNjU=
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=604800
content-disposition: inline; filename="DR_March_lightbox.jpg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 85774
x-amz-cf-id: TS8_v5F5DqIxis73v7oYCTU89IoBsIDxnMozDK5qI1OUMd9SazxqHg==
request-context: appId=cid-v1:7e92cb02-95e3-4002-9d31-a94a8906131f

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heart.org/	1969-12-31 23:59:59	Name: heart#lang Value: en
www.heart.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: xoqlz5l32cjfylhgwyswups1
www.heart.org/	1970-01-23 17:14:51	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 3768320ccae046fe9e3317caf461b326\|False
www.heart.org/	1969-12-31 23:59:59	Name: heart.org_consumedSession Value: {FB72114D-865F-4A9D-B6AF-9E30B2F62A02}
.www.heart.org/	1969-12-31 23:59:59	Name: ARRAffinity Value: 36c1f67f56e94520a7fc2a8c64c64d24f3d68a98940e7f63578774151d0c83a8
.www.heart.org/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 36c1f67f56e94520a7fc2a8c64c64d24f3d68a98940e7f63578774151d0c83a8
.www.heart.org/	1969-12-31 23:59:59	Name: TS01ba5690 Value: 01561d7506c46613077b2c4db63979530c94d4247508aae1e45605b1f0e76fd6a3b00973a669a09878b7511ef7146191414b1cd1d49c7e4aa0413be295334b4a78a66bd179a4c0d75e3581c63f1df076ea36f1a35d
www.heart.org/	1969-12-31 23:59:59	Name: TS01794ec7 Value: 013b6e5212e13b229116fdab18532b797fa98cfcb40896b462614356d5609f98da0edeccf3470c0d84ec39feddc254fc2437fca171
.heart.org/	1970-01-23 17:14:51	Name: fundraiseup_cid Value: 16475318390553516962
.heart.org/	1970-01-20 03:48:27	Name: _gcl_au Value: 1.1.178462528.1647531839
.heart.org/	1970-01-20 19:10:03	Name: _ga Value: GA1.2.511734531.1647531839
.heart.org/	1970-01-20 01:40:18	Name: _gid Value: GA1.2.18302485.1647531839
.heart.org/	1970-01-20 01:38:51	Name: _dc_gtm_UA-12551341-7 Value: 1
.heart.org/	1970-01-20 03:48:27	Name: _fbp Value: fb.1.1647531839576.529999894
.heart.org/	1970-01-20 10:24:27	Name: _hjSessionUser_1023445 Value: eyJpZCI6IjFkNDQ0YzY0LWM4NTktNWQxOC05Y2U1LTc3OGNjZmFiMDI0MyIsImNyZWF0ZWQiOjE2NDc1MzE4Mzk1MjAsImV4aXN0aW5nIjpmYWxzZX0=
.heart.org/	1970-01-20 01:38:53	Name: _hjFirstSeen Value: 1
www.heart.org/	1970-01-20 01:38:51	Name: _hjIncludedInSessionSample Value: 0
.heart.org/	1970-01-20 01:38:53	Name: _hjSession_1023445 Value: eyJpZCI6IjNmZGJmOTYzLTU5N2ItNDM4Zi05M2QyLWY4ODhhNTc1YWMyMyIsImNyZWF0ZWQiOjE2NDc1MzE4Mzk2NDUsImluU2FtcGxlIjpmYWxzZX0=
.heart.org/	1970-01-20 01:38:53	Name: _hjAbsoluteSessionInProgress Value: 0
.adnxs.com/	1970-01-20 03:48:27	Name: uuid2 Value: 1785056087851491962
.heart.org/	1969-12-31 23:59:59	Name: fundraiseup_session Value: {%22t%22:%22.heart.org%22%2C%22u%22:%22EqBgKcTSeljoDNAI%22%2C%22ua%22:%221647531839217%22%2C%22s%22:%221647531839217%22%2C%22sp%22:%221647531839217%22%2C%22p%22:%22dxhCfrGnyZwuzCcq%22%2C%22pa%22:%221647531839217%22%2C%22x%22:%2220%22}
.adnxs.com/	1970-01-20 03:48:27	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HaLKPl7I!@wnf-Te9(>wL5L!!'/x$U.U'
.heart.org/	1970-01-20 01:38:51	Name: _gat_gtag_UA_12551341_7 Value: 1
.doubleclick.net/	1970-01-20 11:00:27	Name: IDE Value: AHWqTUkrE8uBsgDVgZPbUfxy5ugPmP8U-zM0WQ8PsEwwk19MBotCHnEM9uYpfgbp
.www.heart.org/	1969-12-31 23:59:59	Name: _vt_shop Value: 852
.google.com/	1970-01-20 06:02:23	Name: NID Value: 511=Hv1T_kgBU6Kdj9HIUCfu0CxtHf_6Y5SIQid7Ayj2SGRmU3Lj8w1YfoqstSgMiOT4lWTL0i1UgzEVNnJvaeruZcrn2IdlOh1ze9SofaXKrFU5A4HbyTIDoL7K02bH0iYfXJGG4cQ5QIZf88J-qpCLa-QKjEHe3pUvJYveCSWa2Dg
.www.heart.org/	1970-01-20 10:24:27	Name: _vt_user Value: 5091755939314195_824772104931488531_false_false
.paypal.com/	1970-01-20 01:38:53	Name: l7_az Value: dcg13.slc
m.stripe.com/	1970-01-20 19:10:03	Name: m Value: 43b04a1e-e9ef-457b-adb7-3ac71a7dbee0f16d9c
.www.heart.org/	1970-01-20 10:24:27	Name: __stripe_mid Value: 9f459fc3-ef98-4c0c-8fe7-f1858bf3ea3ed21be2
.www.heart.org/	1970-01-20 01:38:53	Name: __stripe_sid Value: a89b0c99-63da-4617-b3ad-23ad842a0a11fe7e52
.paypal.com/	1970-01-20 10:24:27	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 01:39:23	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY0NzUzMTg0MjMxMSIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AJ90aMzusqz2nGr9t20-cvBsb91muIaf6.imbBw80vHjbh0TnGf5BnJ56vHEOUYXMqX8AI%2FO023Ms
.paypalobjects.com/	1970-01-20 01:40:18	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 01:43:11	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-21 03:55:39	Name: ts Value: vreXpYrS%3D1742226242%26vteXpYrS%3D1647533642%26vr%3D988cdc5417f0a27587748baff990b372%26vt%3D988cdc5417f0a27587748baff990b371%26vtyp%3Dnew
.paypal.com/	1970-01-21 03:55:39	Name: ts_c Value: vr%3D988cdc5417f0a27587748baff990b372%26vt%3D988cdc5417f0a27587748baff990b371
.heart.org/	1970-01-20 01:39:35	Name: CYB_ID Value: 5091755939314195
.c.paypal.com/	1970-01-21 21:26:51	Name: sc_f Value: HLGoVjgKJyiwCj4U_thbv2S_WvEDiH1jy4M8leFmxssHg6l-7k9mIBMo9HGpk_UT1oRon37wthm0cfgMBIiALtLwJ9VVw-fGC1ofaG
.paypal.com/	1970-01-27 08:50:51	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: rlf0KgP6h4CNQulyopGvbxai3km7Daj7TGu3MNau4vpFo-Kuxgx824E5HoRWewUGtGDMb_G61IjtyKXg
.heart.org/	1970-01-20 01:38:59	Name: c_64ei Value: ZmFsc2U=
.heart.org/	1970-01-20 01:41:44	Name: CYB_AB Value: 1
.heart.org/	1970-01-20 01:39:35	Name: cybSessionID Value: 824772104931488531

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.fundraiseup.com/69.25843d6b84fb.checkoutForm.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-9239798&l=dataLayer&cx=c(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-6259436&l=dataLayer&cx=c(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-9239798&l=dataLayer&cx=c(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-6259436&l=dataLayer&cx=c(Line 40) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6259436.fls.doubleclick.net
9239798.fls.doubleclick.net
acdn.adnxs.com
adservice.google.com
api.fundraiseup.com
app.cybba.solutions
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.fundraiseup.com
click.heartemail.org
connect.facebook.net
d2rp1k1dldbai6.cloudfront.net
dub.stats.paypal.com
extend.vimeocdn.com
files1.cybba.solutions
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
pro.ip-api.com
q.stripe.com
r.stripe.com
script.hotjar.com
secure.adnxs.com
secure.rating-widget.com
sentry.fundraiseup.com
static.cloud.coveo.com
static.fundraiseup.com
static.heart.org
static.hotjar.com
stats.g.doubleclick.net
t.paypal.com
ucarecdn.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.heart.org
www.paypal.com
www.paypalobjects.com
www.rtb123.com
104.22.0.244
104.26.8.138
108.157.1.118
13.111.134.105
138.197.61.175
142.250.185.166
142.250.185.226
143.204.98.32
143.204.98.33
143.204.98.35
143.204.98.76
143.204.98.78
147.135.78.45
151.101.128.176
151.101.14.109
151.101.193.108
151.101.193.35
151.101.65.21
172.67.74.72
184.25.114.184
185.33.220.244
185.33.221.88
192.229.221.25
2600:9000:2156:a600:19:7d10:bd80:93a1
2600:9000:2156:ca00:d:87ae:bb80:21
2600:9000:2156:f400:1a:380b:6e00:93a1
2606:4700:3031::ac43:990b
2a00:1450:4001:801::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::5c
2a00:1450:400c:c01::9c
2a02:26f0:6c00::210:ba1b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.216.95.44
51.77.64.70
52.223.40.198
54.186.23.98
64.4.245.84
67.225.220.126
84.17.46.53
0157ef16f507de35a2b47f159c3686f13b7c6757d38d6e02a3062f93127b8f0c
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05d2910942620cbc1eb26cdf166c768dec2c95755a8379742ee34386d07084c9
0a3b02030623edef416ca86ac10007b7b9181f412a530276d86a3f06f940124b
0db90304d9188c326ca4fe74063f6e26467e7d41ce9ab3903a01a4fa2d256c87
0e7bea15090230d6990b532739ca0437a5b5433333513a6a2a7968184b001008
0eca9aacc8c93e129336f815ae601e17121cc6c4e4906e3d5aab286249e6aebc
0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693
0faa231d2e1618d382b7e2eeed4244ebad6f9c78df86e153b90e6e20d218bfce
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
14c1a3e9987ab5fe14bb64134e50a6bc9df11d415b500fa0ac8ad9e7e0b35b60
14e061144f70007a1a44afca7d506b913e710e9054ff6a01beb1dc70d06310f8
1aa36cfff1410ce902a10a8c6ed2b50b4126f4f7d0432e6d8a66756365cba8ee
1b4ecfc977026a8aee425779df4f4eebd3df6c064997cda150b2220983a39bd9
1b8f3d676f1df1ca5867197fb16660fe565e70b9c6cd4176985a522df98e6d14
1c0d8411c34a87412af2c0d12b14f405edcb333b02fba4f38a80e49f86c3fc90
1d4a36b8fc4ca86fa83216a410512ba7b2b986b5d0d64d5e98fb54980d121669
1d964ba964b0ac1e67f7db89196617003ce7138dcc294f01429c1a41fe0d0f48
1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
221f757bf12cbfef535da24b4025706b0339d5693a6e76eff6ae6a43bc542487
225b015805bba46da83b81f808d5e0db7292f5f5f903c62a882d29461452bd95
23bfcecbdebbd0141036e613fd3677defae7d220f3da99692023d8915b738540
24e0235323ec7b6fd5ade8b32b8a0798f10e3d6be5de7d7a18dfc9aedde6085b
256e5293ce6f7878cfeffa03b1e7a6b9231120f9cf56b5688f2f8415bb5d0e9c
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
282df3d7845ef5cc7a6fad733f6d2b2e25668bc901c319e1e6788e0337b5f105
283d3f8c188514bfb3d7ccd3506a04584d8ef53f74f7722f8d8ed176d674d322
29439d371683188ece811811b30178f817220949d3e7763ef2386b9499b0b2fc
296d78381423b44f08f12bee00cb0560b1d6d7965d240a0bd68467657892283e
2aac310d97170380ed7522403f291d7048f1af838c625008374c875430c4ffeb
2c7e31ab62e6371cd347d9cd75a72263c25ba7846c5038a0fd57d49e1df665fb
2e9dddca45003db055a2e790b13c641e06ab6d4a6915ea7b22f4341fe753163e
319cfe60bbe92497d3ad526fb4b252ed14f9f3e64e7493712382fba2ac21d97f
371fc137c5bc48afcbff6db48fa78b1af332031409d65f5fc3b22914539b0376
377fd3f9bf4c9fc74fa016e7c100607751e2825da603e7dee441cc39b010e8cc
39f68d60e8dd30360cffa3ec31431fbc814676df94bd2d5a3068f92733cd530a
3adfaa9910b7ffe1cdade00c342d2593833e7cefd9093ce3b5eb5dca8cb59345
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
414920313c75c6d7e67834792991545719672c8552735628553bc5033255a0f4
4264d4a7322771b6e0882fa1efceb48f95d9764fb46d53fbe8e65ca80620ba9c
438ee7c09860040874be1e41d177b2e1d130020724a0e2da4a95142e4c99f06f
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
474b08d3c200c99a5833418a238c0b27898363849764c2e5adc6c5622848204a
4812cf4a078168d4a1338dc71eeb59def7a0699ac3535d3f6016e79832a054a0
4afac6d45cf228f8bb36270a57e33c331b0761ab40b4052cb3634ee488fcdc26
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c62fec6ec9425cf3d4314133659cbf2ab216df55899c7759298af56aa237060
4ce5b9319989a54d99a3c24436f57b79503156ac4880163b8b93462a9db65fb6
4deae550f590f3cc3882793557495b94eb2a20e5614bd020063670f3a053c5e2
4df9f1297805e967d119396d82dc2cd9ae754911f614ffaf8ef17f6d1fc23cec
4e1b75b68a49bd6b721712de809218a7ecdb332d8f4cf7a6528aefa960d5d07d
4f6f06de09e81fb1d8c1dfd1e80897627094415c402ea79cd5bfa501b692ff64
4ffc621fbaae854cb378753b4cc95a7d670ef67e6ed37dea4ddfe1c53f3feab4
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52a2b37a482791c5f79596a1b341323309287f13b69ba90779264b7dae9034f5
540233274b028e9f038e4fa8ef17e878cd4e60be17f8c1200d4a82582c3bba36
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59955dbff32264466c89071184c4388e8a640649369820dd4d4cd362ea04283b
5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c
5ba86bd1f4cc4f3a1575d2075a4474fa3b08bcb6d0b5a7b6e51100f7a3b59b95
5fef92ab74696bbbdb5256d3988f3871d43f843e0a98476c5a46a4ca235a9905
60e0a9a69b50284a34bd89b6427f5b75385d64e391ed2a163d6f9a540c83b7ac
65765eb8f9ba9cc4e8009405060a6210a79af0998827ead47422131162a5ac92
68097c201eb1a1697b219eec719aab8e8b65a50206d03a746d8487f6569b0e73
6869bcc3ec0bf6433e0000ff41c403f35673e79eeafb555b24c9f67ec33ccd89
6890fab1d52c1d4c6c40099619c2a67c2b87876e5c3556259bd9105b486fd939
6c212e843bdb3bee0e1543c19bccc591bfa0229b552ca8cf9800a8b7ff8a56f4
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
6d3029e680cfd4e101b07cf89c127633fb65cc6c9faa0561b2cb6e1df3d862e3
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f89902a61c0e2296ee7940b127721a099f122f289a14b02ede4b2bededdcf91
700a200b1ace0d45b888da31288dd2c5a28303a41096c348fd07c4885afac9c9
72455c531aaa7e1fceaaa3d445ce063c57f6e2e343d51060127baece6c051368
782ff3b6c9187a108c072fb0fac8b266acbfbdec0cd59c634e8a2543cb77569e
78df6aa1cbdc98e49fadf910b0b051c2ac5b22a002b9c4c0b7cf5b4403e9ac7f
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
799105d9893ab498a7c201f803a894b6621c98e8fade7bfa2e4fb49700769f1d
7b0e4fb8ab5722c00b34ab835d4beb230190be74c92a9aa757db4095535184fc
7fce8b205adf39e81fb11c6e324fd31228c860770b118744e3267b46f6dd6791
8131ceededcb0e2b057aa5b22a6677b2790ab6f65e5e651faccf38dc603443c1
823cdcf7d4007b6c8fc416a8e74a8618583abd8cb3f18d0e4bb4c19b40d0362e
8314c893aa0da9d7f0c8630985425f658cb94cac85465730550cad47860ecf14
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842340a8afa4a6486572d981f1abba57138d87ba83c3e5e0b2e50583de3ddeaf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a30564aaade2f54f1731f36d3e36591d37b9df7e134ab3bdacbe86f17ff0f3
87ce28c2ad8ff746f41d1cc737e9ab6fc2682513a426fe527d46748969202965
8a1048e00b84eb37f0a3205324b1a69830cfa5b1a6d6070bdf41426ce9fd980e
8b588d8c63f911dfbf110aa0f029c758fcbaac0d0fd3406d1a6a1292a2ba3a00
8c019af8452c5d3205e2e81cadd959b3168d77b3bb5d3a587582c30d4c941439
9200939b181a1d9edd107337ed102b6ea9f9d8bd480b7b7d48afd15377b95058
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
979838a158748688b0f09e2ce89e912cf282093cf8af3c65bc59db67de8de7a0
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
997324b19cae6cb030ce204ac1a81cc93c762f8ed579aad429853c8c5889f410
998202f8b91e3d739b0eb8eef0083ccd8fc2de9eef1c24bd02fad37c50f9c07b
99928e1d5c4f74371f9fc7b7456413620a6e9bef1d1cadd7ba623ae2a479c711
9a1871c5179f56238867da899625a5cf379c3ebb78e591e3c0091bb43c832adc
9b33226b475d8b19048982f2f251177c60f5aaa253514298d7978c9e865c58f8
9ef784fd6235d361e4661e2f5dee7cc6d77577985e08fd32ab55de96bd56c8c9
a0ea0ddb80386c4e40b4769898e7faac40d1189176137ec1636ab85ee1d6008c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a47074a7b880e0fcbbe50992029e2571050f96d5e249d202edc38ca02a5fcbe2
a4b749626aab6395c52aed1a8016aa5f6c4c8ca60cf771c0d8ce54202a53e725
a64b6e1efed753ce70b1285cd262962e2aaa816283f0f2beaa7b45b2f3e9d0c8
a6e7d3e0ecd7a88ce7490823659fae6619cc82003ec79c3af406c1f44102795e
a7dc7fce45bed5fa7757e0590fc0d0e329ee01d707994147cbf231991fbf5a95
a8f61353dd1566d3884a4341ffd3196531bbaa3537665c2e33e9ae01f4a01c04
aad6f5f2d529b930cae3fe6923bf64e21a740bd0d2dfc58e7dbb58559bd34e5a
ad64b80efed1838cb3649d06bc6f4df0491270e61776f8d1ac8e6b7788b4f8f8
afb40334fd3bfc28fa741c0f3cdfb71394fdcc772ece2c43b48518b4a7742d03
b1bdd65a5e3e7a05bfa5a414b2b19afe377a2845d8e78e34e6db65601ce47888
b1de7e26fa32d90f6a4a3ffc2335165000b3070d0c724a63f2261b69376c6abf
b2318a35f3a5066567bcd97cdd395879d38ee50094f7b257628828c22017aad9
b29b6035d0608397f849696b32e7fe490db08a7bda54822cb867bd900fcdd84b
b418bd211959f9bef97c58f329c935e4a0da4fc963b1fe8b8a9dd0a4cf68a923
b426100b8c51f4d157fbcd4b61fdae21a556db6944e4422f827335f7fbed48ee
b47be035ba2ab26942ad5decf492272affc97feb3d511a8e41a0e9a6ad5bf6b0
b4fda80c057f0e0308ea829f9352768ef646298b4aedd875e36fbc497487e8c2
b59191854f38e66c426c080f420a7c81a818b9b86310f88748ef05ea4195a48f
b6b48aecd028f633ef66cc4301631e61349638d60ed58b6e8280c2281c81134e
b712a90178343baeced58d55071a57044fd9b3617d92f3a5ae66d4fb32968e47
b81cca9f8e85db6ea1ee1c5c3115ce2dc3b52afb4bb6ea6eb06cdb8d8d315170
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
b9d36ec6b9214052857b2503e21e25b658bf4689cf9f89ebf512442ff6aab12e
bbbdfb617f128b6224eb8f90c9aae62eb5c30b0711d440fb4ccab964cdc2d801
c07865f147e10fd3daccab6fc7354194a020f323d676be3b9763e63c74ffd2bf
c178ff2fb77fde559a764e85ecde59bb12019428fe48daa24e09296e2236b4e0
c38e831272f5b7c4436af23dd41ec2ccd2de5d41a4fa79665ac7f85aa541b4a3
c5020ca534ae8bf5ab0a13f8733a99563e639e600a1669f426ce11d5c3023607
c63741ea2e6611237abd07674e1d1def44ad810eb9db801cb764165f8f3e24b5
c6ef62155c90bce76e8ad6235e7a8d1ec1fc121bb7f81a1df43e9d6c6b14c2e9
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c946bcb1203faef37d9fbf13f68b277e1d9f346601cc32a764b2ecccc152e71b
c9589e659d61c849965bde86987d78f79eefcbe6577c4a113d559116a5d4cafc
cab93130b0051f9a91596e19fe09258498c8be8365bf104e0a378fef71da1774
ccbc17f385961a51b9c36da52a5fe73602d83ae764b7c95982140d305fa6c986
cd47a41aea79cd38b270b3b53ff3fc260b2b31c3fc852022db5abb1dfb148a9f
d15ab44c364eccd372ba231b62cf944254cbc478e82fbfe07bdc91ff6ae8b1b7
d1c754a5037b79dac49c97661fcf87b2c1813ec5d406de92e48ee9785755377a
d400fe41c54895c8fdfc9ad4b08fc45b96a200962f09b1ec8a5a13e622bd5469
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d60732878bf0a08be5ce4a4f246b1b6971cecc0b2d6863da2875171519ea20e7
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
d97a284a814cdef1e74960ff7ee54f2009c58c26c76e6adb19f0b190b741d91e
d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015
db4f92145485f3e51fa99780a20c21067ad17b9c62fe7ae41f531eb3a2bc7b7a
dcbfe95885a8f7dcdff9c894b45226bff39509646cd01ee9b43d0bfa5cf68913
dcc4d7b5d87c2cacfa9362308b326f65556b56f7ff33166c82d7640df27f1cfa
dcdcfac9afdd5966491176a0460eb8a9c4a9e315c2ee577faa43cca1e8ba6d1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a8af2d1bce0aea705915e58823c16579b3c9766c00edbdea98e61e05515eeb
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e12dd298874b1dd4f8c700c424fb25361e055640d79ede83f28525215935f715
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
e3526fa44efe53581f4af0ee0c4e7157cc3f203ab7a2a0de106f39f2439f4822
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e833e86e5c9bcfa370349adce9536ac2e6fe1b7a74d7fc7f150f8c00af15aaa6
ea607011a6e2bef5d49fceab2ab6cb45e8e1fb2367dffe352daaa50742066666
ebb832a9559de76a7d620bd1d51c10bc6521431848893abea058bc5d32f1cd31
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
eda33f069061351b00919c8bce750f2fcdbd7b5b2f01e8109b253abff2a54131
edd56323100ed16d2325864c682df0ec63d453c2279cb8d8bef04c5f98e8422c
edef4fe657f8b9782572d52cd13c1ac7089be4352523ed1c7c7cdd455792f822
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eeb11bd521b056e3353924df9585403d013b2ccca5122db56ae4272816bfc349
eefdd22a28ed95e3c9e641c9cd2e362e1af779250df166a23c3f0f1e0b1f89e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef973d2ed848b1c016035f99030f76de9ef27bf7657312d85ae405ec09561ece
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f4281fdde1af810498e055fbc85b41ee02cfe2d9d33bf090e111c094f43978de
f4d998cf2b521a653733947733d0a034b11847eb0f321b81674e5d11ea2997cb
f524e504fce6cb5cf80547360264dc3f23e76d5b4a4529207e2c5b39a877c652
f5f8625b59e3eaa335c35fcc9324d99981aab5ed1e338585ef13ccb793627f70
f8f8a0186f3ef43fe514579317e1f9627d49c83bddc93c78a948a62c78eccf6c
f9631a353547453d16083040fe145d370daff2a2eb192db6a2db6d6576bdfb2c
fb42828e28d4af3a30bc5aa8c86dde525bd2cdd52d445ef0843b48b069c3cce9

www.heart.org Open in urlscan Pro 2600:9000:2156:f400:1a:380b:6e00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

377 Requests

99 %HTTPS

39 %IPv6

31 Domains

56 Subdomains

49 IPs

5 Countries

6179 kBTransfer

20050 kBSize

45 Cookies

61 Outgoing links

Page URL History

Redirected requests

377 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heart.org Open in urlscan Pro
2600:9000:2156:f400:1a:380b:6e00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

377
Requests

99 %
HTTPS

39 %
IPv6

31
Domains

56
Subdomains

49
IPs

5
Countries

6179 kB
Transfer

20050 kB
Size

45
Cookies

377 HTTP transactions
3 data transactions