urlscan.io logo urlscan.io
SecurityTrails logo

giving.parishsoft.com Open in urlscan Pro
2620:1ec:40::45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://outbound.ministrybrands.com/e3t/Ctc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1...
Effective URL: https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I...
Submission: On November 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 56 HTTP transactions. The main IP is 2620:1ec:40::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is giving.parishsoft.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 19th 2022. Valid for: a year.
This is the only time giving.parishsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
1 2620:1ec:40::45 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
25 20.96.152.128 8075 (MICROSOFT...)
1 143.204.207.119 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
5 151.101.193.21 54113 (FASTLY)
1 52.239.192.4 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.167.221.184 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 192.229.221.25 15133 (EDGECAST)
2 151.101.66.133 54113 (FASTLY)
56 18
2    2606:2c40::c73c:67e1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
outbound.ministrybrands.com
1    2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
giving.parishsoft.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
25    20.96.152.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.ministryforms.net
1    143.204.207.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-119.fra53.r.cloudfront.net
cdn.auth0.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:400c:c06::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
5    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    52.239.192.4 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pciprdprodfmssa.blob.core.windows.net
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.167.221.184 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eastus2-0.in.applicationinsights.azure.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
c.paypal.com
t.paypal.com
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
Apex Domain
Subdomains		 Transfer
25 ministryforms.net
forms.ministryforms.net — Cisco Umbrella Rank: 330521
2 MB
9 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2261
c.paypal.com — Cisco Umbrella Rank: 5551
t.paypal.com
120 KB
4 google.com
pay.google.com — Cisco Umbrella Rank: 3934
www.google.com — Cisco Umbrella Rank: 17
42 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
204 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2057
33 KB
2 azure.com
eastus2-0.in.applicationinsights.azure.com — Cisco Umbrella Rank: 54485
257 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
61 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
2 KB
2 ministrybrands.com
outbound.ministrybrands.com
5 KB
1 windows.net
pciprdprodfmssa.blob.core.windows.net — Cisco Umbrella Rank: 784740
67 KB
1 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 10426
32 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 3755
47 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 15287
34 KB
1 parishsoft.com
giving.parishsoft.com
2 KB
56 14
Domain Requested by
25 forms.ministryforms.net giving.parishsoft.com
forms.ministryforms.net
5 www.paypal.com forms.ministryforms.net
www.paypal.com
az416426.vo.msecnd.net
www.paypalobjects.com
3 pay.google.com forms.ministryforms.net
pay.google.com
outbound.ministrybrands.com
2 t.paypal.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 c.paypal.com forms.ministryforms.net
c.paypal.com
2 www.gstatic.com www.google.com
pay.google.com
2 eastus2-0.in.applicationinsights.azure.com az416426.vo.msecnd.net
2 cdnjs.cloudflare.com forms.ministryforms.net
2 fonts.googleapis.com giving.parishsoft.com
forms.ministryforms.net
2 outbound.ministrybrands.com 1 redirects
1 www.google.com forms.ministryforms.net
1 fonts.gstatic.com fonts.googleapis.com
1 pciprdprodfmssa.blob.core.windows.net
1 pro.fontawesome.com forms.ministryforms.net
1 az416426.vo.msecnd.net forms.ministryforms.net
1 cdn.auth0.com forms.ministryforms.net
1 giving.parishsoft.com outbound.ministrybrands.com
56 18

This site contains no links.

Subject Issuer Validity Valid
outbound.ministrybrands.com
Cloudflare Inc ECC CA-3		 2022-05-14 -
2023-05-14		 a year crt.sh
giving.parishsoft.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-19 -
2023-05-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.forms.ministryforms.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-22 -
2023-01-06		 a year crt.sh
*.auth0.com
Amazon		 2022-03-26 -
2023-04-24		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2022-09-20 -
2023-09-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 06		 2022-09-19 -
2023-09-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-13 -
2023-11-13		 a year crt.sh

This page contains 4 frames:

Primary Page: https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I-W_lQkCDKZ4ZcQsMZQaUJBntJq_Jb4NCBlnT2UpiEqELTh4jYtz2BsVS0myxX4GlQBetU_FVuWF19Y_zgmiMbzXV-Q&utm_content=232131840&utm_source=hs_email
Frame ID: 2399F9964D1FEE876F94D76C9CD6D7AA
Requests: 5 HTTP requests in this frame

Frame: https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
Frame ID: B1494A1FE88520A90CECDB2C8276987D
Requests: 43 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fforms.ministryforms.net&mid=
Frame ID: 528398365F1D93028F106DA6FF09AC48
Requests: 3 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: DD99D429D5D8447DEA4766B96D465B20
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://outbound.ministrybrands.com/e3t/Ctc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-W... Page URL
  2. https://outbound.ministrybrands.com/events/public/v1/encoded/track/tc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1q... HTTP 307
    https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=2321318... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

56
Requests

98 %
HTTPS

59 %
IPv6

14
Domains

18
Subdomains

18
IPs

3
Countries

2291 kB
Transfer

7004 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://outbound.ministrybrands.com/e3t/Ctc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1xMxVWtk9hN_hMYxH-n5JtVvW2PmVhS2yrTRCW34XZwl4MFGBjN7_90b2Lkd9WW4gskmv49hKxTW39z_DP4RbcN2N7cSMCrfHZ7LW8jFHrD8ZV5zHVSd_Kd2-s2rdW6XWRvh6mXFGfN4wD3DkkP_FdW1sB6238X4X3RW1NkgLv2-qswDW8y6Q1g346XW1W8GDFQp5qBWZ1VZfhBZ2S5wSwW7LYP3w6MY7DfW6mmmpT75_8cBW62gr6R3S9dRRW2vD-cg42tyy6W3Lnk_85slgTzW2cpDM863LKymW4yhjxT1SQqL0W9c80H_8WGgN83l711 Page URL
  2. https://outbound.ministrybrands.com/events/public/v1/encoded/track/tc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1xMxVWtk9hN_hMYxH-n5JtVvW2PmVhS2yrTRCW34XZwl4MFGBjN7_90b2Lkd9WW4gskmv49hKxTW39z_DP4RbcN2N7cSMCrfHZ7LW8jFHrD8ZV5zHVSd_Kd2-s2rdW6XWRvh6mXFGfN4wD3DkkP_FdW1sB6238X4X3RW1NkgLv2-qswDW8y6Q1g346XW1W8GDFQp5qBWZ1VZfhBZ2S5wSwW7LYP3w6MY7DfW6mmmpT75_8cBW62gr6R3S9dRRW2vD-cg42tyy6W3Lnk_85slgTzW2cpDM863LKymW4yhjxT1SQqL0W9c80H_8WGgN83l711?_ud=41bb800c-1a28-4b4f-9c7e-2e32988c0d9c&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I-W_lQkCDKZ4ZcQsMZQaUJBntJq_Jb4NCBlnT2UpiEqELTh4jYtz2BsVS0myxX4GlQBetU_FVuWF19Y_zgmiMbzXV-Q&utm_content=232131840&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1xMxVWtk9hN_hMYxH-n5JtVvW2PmVhS2yrTRCW34XZwl4MFGBjN7_90b2Lkd9WW4gskmv49hKxTW39z_DP4RbcN2N7cSMCrfHZ7LW8jFHrD8ZV5zHVSd_Kd2-s2rd...
outbound.ministrybrands.com/e3t/Ctc/OP+113/cKvv904/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outbound.ministrybrands.com/e3t/Ctc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1xMxVWtk9hN_hMYxH-n5JtVvW2PmVhS2yrTRCW34XZwl4MFGBjN7_90b2Lkd9WW4gskmv49hKxTW39z_DP4RbcN2N7cSMCrfHZ7LW8jFHrD8ZV5zHVSd_Kd2-s2rdW6XWRvh6mXFGfN4wD3DkkP_FdW1sB6238X4X3RW1NkgLv2-qswDW8y6Q1g346XW1W8GDFQp5qBWZ1VZfhBZ2S5wSwW7LYP3w6MY7DfW6mmmpT75_8cBW62gr6R3S9dRRW2vD-cg42tyy6W3Lnk_85slgTzW2cpDM863LKymW4yhjxT1SQqL0W9c80H_8WGgN83l711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
76375de569ba0daa-MRS
content-encoding
br
content-type
text/html;charset=utf-8
date
Tue, 01 Nov 2022 20:26:41 GMT
last-modified
Tue, 01 Nov 2022 20:26:41 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fA%2B022tQ9P7hylKNGSGkBa1QtdLZCWq7lJlM8zs8r5OoXFm%2FCHFQtvrZYMOtNdAiqN0EGILVlq3L9I0nV7uXcvfvxqgQl9YfHT32TChoVghGJpggEnPgvboNL8lPy6qEWj6a3XIiIsLwhjleoQdMdS3vd7ssgEJdKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-hs-https-only
worker
x-hubspot-correlation-id
56029991-bfb2-4020-b332-33b41bc60422
x-robots-tag
none
Primary Request e829cd7d-3222-4ddc-a176-4230f811771c
giving.parishsoft.com/App/Form/
Redirect Chain
  • https://outbound.ministrybrands.com/events/public/v1/encoded/track/tc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1xMxVWtk9hN_hMYxH-n5JtVvW2PmVhS2yrTRCW34...
  • https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I-W_lQkCDKZ4ZcQsMZQaUJBntJq_Jb4NCBlnT2UpiEqELTh4jYtz2BsVS0myxX4GlQBetU_F...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I-W_lQkCDKZ4ZcQsMZQaUJBntJq_Jb4NCBlnT2UpiEqELTh4jYtz2BsVS0myxX4GlQBetU_FVuWF19Y_zgmiMbzXV-Q&utm_content=232131840&utm_source=hs_email
Requested by
Host: outbound.ministrybrands.com
URL: https://outbound.ministrybrands.com/e3t/Ctc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1xMxVWtk9hN_hMYxH-n5JtVvW2PmVhS2yrTRCW34XZwl4MFGBjN7_90b2Lkd9WW4gskmv49hKxTW39z_DP4RbcN2N7cSMCrfHZ7LW8jFHrD8ZV5zHVSd_Kd2-s2rdW6XWRvh6mXFGfN4wD3DkkP_FdW1sB6238X4X3RW1NkgLv2-qswDW8y6Q1g346XW1W8GDFQp5qBWZ1VZfhBZ2S5wSwW7LYP3w6MY7DfW6mmmpT75_8cBW62gr6R3S9dRRW2vD-cg42tyy6W3Lnk_85slgTzW2cpDM863LKymW4yhjxT1SQqL0W9c80H_8WGgN83l711
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7414469520ce4fefe52d49a9c4e48181eb331885858fdbac32841c4d28a1b04f
Security Headers
Name Value
Content-Security-Policy default-src https:; connect-src https: wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; font-src https: data:; frame-src https: data:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; frame-ancestors https:;
Strict-Transport-Security max-age=2592000 max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://outbound.ministrybrands.com/e3t/Ctc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1xMxVWtk9hN_hMYxH-n5JtVvW2PmVhS2yrTRCW34XZwl4MFGBjN7_90b2Lkd9WW4gskmv49hKxTW39z_DP4RbcN2N7cSMCrfHZ7LW8jFHrD8ZV5zHVSd_Kd2-s2rdW6XWRvh6mXFGfN4wD3DkkP_FdW1sB6238X4X3RW1NkgLv2-qswDW8y6Q1g346XW1W8GDFQp5qBWZ1VZfhBZ2S5wSwW7LYP3w6MY7DfW6mmmpT75_8cBW62gr6R3S9dRRW2vD-cg42tyy6W3Lnk_85slgTzW2cpDM863LKymW4yhjxT1SQqL0W9c80H_8WGgN83l711
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src https:; connect-src https: wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; font-src https: data:; frame-src https: data:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; frame-ancestors https:;
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 20:26:41 GMT
request-context
appId=cid-v1:eb8563e1-20ca-4681-9dcb-063dda93733a
strict-transport-security
max-age=2592000 max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-azure-ref
0AYFhYwAAAABmd9t2Ptt1TqCpEKMUfomGRlJBMjMxMDUwNDE4MDQ5ADAxZDViOTI0LTA4ZmYtNDcwOC04NjI0LTNlMTc4OWVkZWQ3Yw==
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
76375de71d5c0daa-MRS
date
Tue, 01 Nov 2022 20:26:41 GMT
link
<https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I-W_lQkCDKZ4ZcQsMZQaUJBntJq_Jb4NCBlnT2UpiEqELTh4jYtz2BsVS0myxX4GlQBetU_FVuWF19Y_zgmiMbzXV-Q&utm_content=232131840&utm_source=hs_email>; rel="canonical"
location
https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I-W_lQkCDKZ4ZcQsMZQaUJBntJq_Jb4NCBlnT2UpiEqELTh4jYtz2BsVS0myxX4GlQBetU_FVuWF19Y_zgmiMbzXV-Q&utm_content=232131840&utm_source=hs_email
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPOev6PEh0S0jRVeoFXJ7IB8c4xhX1PP5RSQpu9MmxGS7f%2FWqhVvUeWVE7AuA0nLXsLAIsHzH%2B6e7NoKBF%2FPoDSzHvaz70HUZwZoLqHHnhM9nMyLq2QITHFtxyWz9lNPKQg4X0uGqtU07j2mBpYi%2BmMvh0TTJ9pPUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-hs-https-only
worker
x-hubspot-correlation-id
9b7434be-c180-4e79-bdf1-6187a87e786f
x-robots-tag
none
css
fonts.googleapis.com/ 		1 KB
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: giving.parishsoft.com
URL: https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I-W_lQkCDKZ4ZcQsMZQaUJBntJq_Jb4NCBlnT2UpiEqELTh4jYtz2BsVS0myxX4GlQBetU_FVuWF19Y_zgmiMbzXV-Q&utm_content=232131840&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giving.parishsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 20:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 20:05:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Nov 2022 20:26:42 GMT
embed.aspx
forms.ministryforms.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/embed.aspx?formId=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true
Requested by
Host: giving.parishsoft.com
URL: https://giving.parishsoft.com/App/Form/e829cd7d-3222-4ddc-a176-4230f811771c?utm_medium=email&_hsmi=232131840&_hsenc=p2ANqtz-_I-W_lQkCDKZ4ZcQsMZQaUJBntJq_Jb4NCBlnT2UpiEqELTh4jYtz2BsVS0myxX4GlQBetU_FVuWF19Y_zgmiMbzXV-Q&utm_content=232131840&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
425b6f39749e60d6f3070c56b69a290afc23883b100cfe0d0f1ad713e092d8b2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giving.parishsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Connection
keep-alive
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
viewForm.aspx
forms.ministryforms.net/ Frame B149 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/embed.aspx?formId=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
722b5bf4a7ae565ad172dd2303123a0fcf8ef32b86a2d5cdef7285fcee90a58b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://giving.parishsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Nov 2022 20:26:43 GMT
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
X-Robots-Tag
noindex
auth0.min.js
cdn.auth0.com/js/auth0/9.5.1/ 		109 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.5.1/auth0.min.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/embed.aspx?formId=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c65499454b28db683dd0efc366872a896cef0fe2ccfd6d51d6db446dcad88fcb

Request headers

Referer
https://giving.parishsoft.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id
38nHgGlXmejuOCEREftQ2ogm5Z01rLQ3
content-encoding
gzip
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date
Tue, 01 Nov 2022 06:11:05 GMT
last-modified
Mon, 30 Apr 2018 13:21:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
51352
etag
W/"83fff95e521d50b4c0b70d4fc73f499f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2628000,public
x-amz-replication-status
COMPLETED
x-amz-cf-id
o-tvbZaOntofHuXLZUiNSDpeA4OppF5WxkNOmTllnOKxb3zZUBDu4w==
mb.formbuilder.embed.js
forms.ministryforms.net/scripts/ Frame B149 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9b83a4a757176c9fc35fbc97d8f751198e239cc381e8ecb0d83bdf1c174bcd57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Connection
keep-alive
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f46440e9"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
X-Robots-Tag
noindex
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ Frame B149 		118 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC8F) /
Resource Hash
ac4f3a99557d9c17b6ded0c6d4f0b267f4879cde9baec07a83910ab8c7059f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 01 Nov 2022 20:26:44 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
9j1it/ejcfI34cTV1VuCzA==
age
1029
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.9.min.js
content-length
47276
x-ms-lease-status
unlocked
last-modified
Mon, 31 Oct 2022 18:35:27 GMT
server
ECAcc (amc/BC8F)
x-ms-meta-aijssdkver
2.8.9
etag
0x8DABB6EAE654DEC
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c69071cc-401e-001a-252d-ee26bc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Tue, 01 Nov 2022 20:56:44 GMT
fms_2.21.1.js
forms.ministryforms.net/scripts/ Frame B149 		3 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/scripts/fms_2.21.1.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4f53abeb9866fc71f2e67246aafb24fcad4ac64316958087350f70335a7bbedd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f450cdd1"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
en-client.json
forms.ministryforms.net/Static/translations/ Frame B149 		54 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/Static/translations/en-client.json?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d175f9ec40f49c4b0282c6b4c08986c3d6f375cf953a8cc42afd37802d5f96bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:39 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f4fc3f7d"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
bootstrap.min.css
forms.ministryforms.net/styles/ Frame B149 		175 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/bootstrap.min.css?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c4aebe921b9a73e0b29813122e427fcc2bb996848dcdb906bfddc8b8b22c3ca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f466e953"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
default.min.css
forms.ministryforms.net/styles/ Frame B149 		787 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/default.min.css?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
30927ce14f16754309fe5174b9677f205b2c7c37bc66c210e0566dfbf66f9deb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f4681f33"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
all.css
pro.fontawesome.com/releases/v5.15.3/css/ Frame B149 		170 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 20:26:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 17:21:37 GMT
server
cloudflare
x-amz-request-id
N0PKCPQ3PM6RBAKC
age
4276243
etag
W/"a28e912c1a41becec7f68848d739d5c0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556926
cf-ray
76375df84d585bf1-FRA
x-amz-id-2
aw82ywh73IhwmplNnVd7b/nDyVQAVGqcyke+YhYpb/IPlIs5X/3FQDESsKxQEcR4urJjHIigMtM=
css
fonts.googleapis.com/ Frame B149 		16 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a125f56731750f15001719ac3c2b9ee3beec5bc37c3c21b46eef08c53c7fa07f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 20:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 19:47:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Nov 2022 20:26:43 GMT
embed-platform-fn.min.css
forms.ministryforms.net/styles/ Frame B149 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/embed-platform-fn.min.css?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8de17001f0d04ec790abcc1c9bf075998eaf0f5875160d4b255a09ba2a4ea6dd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f4649ef5"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
font-select.min.css
forms.ministryforms.net/styles/ Frame B149 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/font-select.min.css?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
246770fb5c0ca892721975f25c4e7aa802f4f76c955d53864328858a0adc58bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f4645a89"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
spectrum.min.css
forms.ministryforms.net/styles/ Frame B149 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/spectrum.min.css?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
35f96e907107e31f46b0636e13977971e032706f9c870f3914554072186f2fe5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:39 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f4fcca7f"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
kendo-common-material.min.css
forms.ministryforms.net/styles/ Frame B149 		226 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/kendo-common-material.min.css?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
310fc5868accfabbe74a106dab8ba0777755ceb0fd005d0942c20ab9d55989ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f467d4ab"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
kendo-material.min.css
forms.ministryforms.net/styles/ Frame B149 		87 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/kendo-material.min.css?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3f31603265a4f8870b3bd67fcf94813f56a86b678d7ccb24e35001614d14d2c2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f46508ef"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
kendo-material-mobile.min.css
forms.ministryforms.net/styles/ Frame B149 		105 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/kendo-material-mobile.min.css?fms_version=2.21.1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa83faecf96324d94f3147a492b6c2c3a1130b57d11c94b1ed1e9c9b261568b6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f465f67f"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/7.0.2/css/ Frame B149 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/7.0.2/css/intlTelInput.css
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c33fae1762817c3f3427558c42d951dc8975cddcf0500b82c000906873fd26
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 20:26:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3717689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1766
last-modified
Mon, 04 May 2020 16:11:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ea6-4807"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6k8UT%2FA3ophXW7Z7S9MMYoEfvH3kisVNffbsn7ZVLfQeyizHCEuKuAHilH2nZk3dA3xJCeVJRwNtnIsXQ5isJaRax1Hi8WZPAecNZYHsOvxXZ2xoDycuGMDzKxeMIJNicDJ76DJG%2FvOm3YH0xjqnBe%2FR"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76375df75eb85c2c-FRA
expires
Sun, 22 Oct 2023 20:26:43 GMT
e829cd7d-3222-4ddc-a176-4230f811771c
forms.ministryforms.net/api/v1/forms/getclient/ Frame B149 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/api/v1/forms/getclient/e829cd7d-3222-4ddc-a176-4230f811771c?embedSource=0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e9bf8d8288e01ed490a1e3bb464970c9a95683ae4ea21bab8aa21370627be9fc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Connection
keep-alive
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
pay.js
pay.google.com/gp/p/js/ Frame B149 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/fms_2.21.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-REaniYeYWZKBc62ZRzZfgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 20:26:45 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-REaniYeYWZKBc62ZRzZfgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 01 Nov 2022 20:26:45 GMT
js
www.paypal.com/sdk/ Frame B149 		311 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?intent=tokenize&vault=true&client-id=AfyrbY-mnUzR9TCY8CIpV2Yv8NS_7kQlBCZnK6xTa-TZSVJJeAh4gpkvvckZdx8Fmx3n8pUagda8OpJw
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/fms_2.21.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8f30dc7c4edb53d94738a942614bfb576b432ba10e89ba29127b18a2d8c0108
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-9WyRX0o5OViAXQl7zceRvLi/0pGeuoD3UTXpmEdyxRmKmvAn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-9WyRX0o5OViAXQl7zceRvLi/0pGeuoD3UTXpmEdyxRmKmvAn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-9WyRX0o5OViAXQl7zceRvLi/0pGeuoD3UTXpmEdyxRmKmvAn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-9WyRX0o5OViAXQl7zceRvLi/0pGeuoD3UTXpmEdyxRmKmvAn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Nov 2022 20:26:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS
p3p
true
paypal-debug-id
f427234eded4c
server-timing
"traceparent;desc="00-0000000000000000000f427234eded4c-310ee4119f0336bc-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
93731
x-xss-protection
1; mode=block
x-served-by
cache-hhn4060-HHN
traceparent
00-0000000000000000000f427234eded4c-307f3341e2d7bb13-01
x-timer
S1667334406.644472,VS0,VE525
etag
W/"16e23-0c7kkaddZkx9ZQXtdTJBUbkIwXU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
0
10.fms_2.21.1.js
forms.ministryforms.net/scripts/ Frame B149 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/scripts/10.fms_2.21.1.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/fms_2.21.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5c2152bb8f24c583128b5a8d7588e191eb3c97ab7f994898fc0964e3d5a5d402
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:38 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f467d4c9"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
prof%20dev.jpg
pciprdprodfmssa.blob.core.windows.net/fms/2fbb4e04-985d-45ef-a56b-5da0a4a6ea42/ Frame B149 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pciprdprodfmssa.blob.core.windows.net/fms/2fbb4e04-985d-45ef-a56b-5da0a4a6ea42/prof%20dev.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.192.4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e1f154281a626ca0d484257f5595541e1c2c727381cf1280bd7bccfdf61d9672

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 01 Nov 2022 20:26:45 GMT
Last-Modified
Mon, 12 Sep 2022 18:20:23 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fVAdjvHbAE3WF/vzziEA1A==
ETag
0x8DA94EB75943009
Content-Type
image/jpeg
x-ms-request-id
37e7b194-901e-0018-6030-ee7a1c000000
x-ms-version
2009-09-19
Content-Length
67755
card.png
forms.ministryforms.net/Static/images/paymentmethods/ Frame B149 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/paymentmethods/card.png?fms_version=2.21.1?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
68f9e90f16f8d6158f27805adbe9d70f1700e69c5bbcfcfa30e873c68175f7af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:40 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f595a160"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
8544
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
ach.png
forms.ministryforms.net/Static/images/paymentmethods/ Frame B149 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/paymentmethods/ach.png?fms_version=2.21.1?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb970606cfd8afcdffc1eb76d92d48041a9fe9de8113b3e20f4da3efabaa9928
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:40 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f595ab2d"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
11053
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/7.0.2/img/ Frame B149 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/7.0.2/img/flags.png
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/styles/default.min.css?fms_version=2.21.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfbbc2e7071db10ea02d2eb68a16ec63fcb5cc8c13b18341232ec43807c52fec
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 20:26:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11545997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59280
last-modified
Mon, 04 May 2020 16:11:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ea6-e78c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTmnjHACSMbJgtYDSGKdYWXaFlY2sEtnGWl%2F8uFytwbgeJH7%2B0CQlTFzReCgeKF51ihTb3qtu0FhA6ieQ4MGDsCqouA0%2FfjIviRDzoSNTPLt4JLt3qX4zngCJBERQAvYQ%2FUGvbxi%2FcTq38y%2BjH3QVwnO"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76375e02fff9bb35-FRA
expires
Sun, 22 Oct 2023 20:26:45 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame B149 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forms.ministryforms.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 18:50:24 GMT
x-content-type-options
nosniff
age
92181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 18:50:24 GMT
fms.ttf
forms.ministryforms.net/Static/fonts/ Frame B149 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/Static/fonts/fms.ttf?fms_version=2.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/styles/default.min.css?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4803f7383144b6a01dc87221b3318adfc6a125bdb4bec9d8613dcf5df8f8e557
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://forms.ministryforms.net/styles/default.min.css?fms_version=2.21.1
Origin
https://forms.ministryforms.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:39 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f4fc00c8"
X-Powered-By
ASP.NET
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
59720
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
track
eastus2-0.in.applicationinsights.azure.com//v2/ Frame B149 		49 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eastus2-0.in.applicationinsights.azure.com//v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.221.184 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.ministryforms.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
2083EFC1-5F8D-4EC2-8944-40F5B0ED0E58
strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 20:26:46 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
49
track
eastus2-0.in.applicationinsights.azure.com//v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eastus2-0.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.221.184 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://forms.ministryforms.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 01 Nov 2022 20:26:45 GMT
x-content-type-options
nosniff
api.js
www.google.com/recaptcha/ Frame B149 		852 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/fms_2.21.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9f35f72d1b6d10f0b5ebca8169126dbab29cbbf968118773b2f65224ec612d0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 20:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Tue, 01 Nov 2022 20:26:45 GMT
visa-input.png
forms.ministryforms.net/Static/images/paymentmethods/ Frame B149 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/paymentmethods/visa-input.png?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dfdd721c61c9f241bcdf9d223e96e45f84813a49ea6490577e5e79e03850daa2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:40 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f5958dd5"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
3541
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
discover-input.png
forms.ministryforms.net/Static/images/paymentmethods/ Frame B149 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/paymentmethods/discover-input.png?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
912061a3387860ad4b1257bb96df147a37639bb99cb460dc1fbb09ca0ef323f8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:40 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f5958e73"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
3699
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
amex-input.png
forms.ministryforms.net/Static/images/paymentmethods/ Frame B149 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/paymentmethods/amex-input.png?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b14f7b95603839f9d6c89d23eb08fa18c3d96a4c7d7cd2e723b831ee7413f25
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:40 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f5959698"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
5784
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
mastercard-input.png
forms.ministryforms.net/Static/images/paymentmethods/ Frame B149 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/paymentmethods/mastercard-input.png?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c9a06bfa047a5dd1995b2c9fc5eb91bd203d4ea771297820b771c972bd766e5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:40 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f5958a2c"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
2604
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
credit.png
forms.ministryforms.net/Static/images/ Frame B149 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/credit.png?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
727a0ce6924e22b6371526875cdc90dbce933146a82d82306e90e5e59189adc0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:45 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:39 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f4fca0d3"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
18771
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
recaptcha__de.js
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame B149 		400 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.ministryforms.net/
Origin
https://forms.ministryforms.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 17:06:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163140
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 04:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 17:06:16 GMT
payframe
pay.google.com/gp/p/ui/ Frame 5283 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fforms.ministryforms.net&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
199537fd1071ed91a31b62f86795f7f10052cfc8015ddbba7267ace0bedba008
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Cjc-amSl_C5NGitw2QWzRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.ministryforms.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Cjc-amSl_C5NGitw2QWzRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 01 Nov 2022 20:26:46 GMT
expires
Tue, 01 Nov 2022 20:26:46 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
pptm.js
www.paypal.com/tagmanager/ Frame B149 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=forms.ministryforms.net&t=xo&v=5.0.338&source=payments_sdk&client_id=AfyrbY-mnUzR9TCY8CIpV2Yv8NS_7kQlBCZnK6xTa-TZSVJJeAh4gpkvvckZdx8Fmx3n8pUagda8OpJw&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?intent=tokenize&vault=true&client-id=AfyrbY-mnUzR9TCY8CIpV2Yv8NS_7kQlBCZnK6xTa-TZSVJJeAh4gpkvvckZdx8Fmx3n8pUagda8OpJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c48e3beb1ec3888c0f1c174d7173ea9cf2172b25a933fb9c21845b4955223c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1/oyvYo2JcccBaf3PTgJeiQAP/s/VIP4DjSqwtttXpzPFYI8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1/oyvYo2JcccBaf3PTgJeiQAP/s/VIP4DjSqwtttXpzPFYI8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Nov 2022 20:26:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
29196
x-cache
HIT
paypal-debug-id
f92940603b7aa
server-timing
"traceparent;desc="00-0000000000000000000f92940603b7aa-b7f849b7e22473ef-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4747
x-xss-protection
1; mode=block
x-served-by
cache-hhn4060-HHN
traceparent
00-0000000000000000000f92940603b7aa-a276f0416caf270e-01
x-timer
S1667334406.347384,VS0,VE6
etag
W/"354c-mAHHfpiO4kR82+bjO6ycP+ds+C0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
1
fb-all-prod.pp2.min.js
c.paypal.com/webstatic/r/fb/ Frame B149 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/fms_2.21.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDF) /
Resource Hash
0adaf22e6710cbc950db6526ac09b6c8757ed25e4701196e88cf2f87dca596c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 20:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1194770
x-cache
HIT
paypal-debug-id
b559d3a6e8cda
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc
ccg11-origin-www-1.paypal.com
content-length
18440
last-modified
Sat, 13 Feb 2021 00:30:01 GMT
server
ECAcc (frc/4CDF)
traceparent
00-0000000000000000000b559d3a6e8cda-be2eddab8897fb51-01
etag
"60271d89-e7e3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Nov 2022 20:26:46 GMT
googlepay.svg
forms.ministryforms.net/Static/images/paymentmethods/ Frame B149 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/paymentmethods/googlepay.svg?fms_version=2.21.1?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ddde73a0e3e8b16e7c518f00380c542c96dbec8b0f80363d5037d905f0bba9d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:46 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:40 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f5958ca6"
X-Powered-By
ASP.NET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
3238
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
paypal.png
forms.ministryforms.net/Static/images/paymentmethods/ Frame B149 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/paymentmethods/paypal.png?fms_version=2.21.1?fms_version=2.21.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.96.152.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7412d2bdeb60af1f915f8f6375e052d7436d945a89832fb464c896d7e10c44be
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true&embed=true&frameid=035892620457788516
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 20:26:46 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 10 Oct 2022 14:02:40 GMT
Server
Microsoft-IIS/10.0
ETag
"1d8dcb0f595b4f2"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
13554
Request-Context
appId=cid-v1:2a8b6e4d-95a7-455b-8e1e-4675f8c5365b
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5283 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: outbound.ministrybrands.com
URL: https://outbound.ministrybrands.com/e3t/Ctc/OP+113/cKvv904/VVpN7q5Ts_B7Vr9sgm4JTQ9kW1qZjFf4RT4DBN1KM5tG3lLBZV1-WJV7CgMgvW5mprg789hz1xMxVWtk9hN_hMYxH-n5JtVvW2PmVhS2yrTRCW34XZwl4MFGBjN7_90b2Lkd9WW4gskmv49hKxTW39z_DP4RbcN2N7cSMCrfHZ7LW8jFHrD8ZV5zHVSd_Kd2-s2rdW6XWRvh6mXFGfN4wD3DkkP_FdW1sB6238X4X3RW1NkgLv2-qswDW8y6Q1g346XW1W8GDFQp5qBWZ1VZfhBZ2S5wSwW7LYP3w6MY7DfW6mmmpT75_8cBW62gr6R3S9dRRW2vD-cg42tyy6W3Lnk_85slgTzW2cpDM863LKymW4yhjxT1SQqL0W9c80H_8WGgN83l711
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fforms.ministryforms.net&mid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 01 Nov 2022 20:26:46 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Jy_J0ljZN0c.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 5283 		120 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Jy_J0ljZN0c.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjUo5RYcyYeCOWh3VF4hZ4vQ0K1rw/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fforms.ministryforms.net&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 16:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55076
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 05:26:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 16:31:49 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame B149 		1004 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e5c9d60053fc83e477f353388d954f4a8f4e0c5d00b3e71fb550e8d55a97955
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://forms.ministryforms.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Nov 2022 20:26:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f59895975810b
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr6621-LHR, cache-cdg20754-CDG
traceparent
00-0000000000000000000f59895975810b-34291b30c9a7d321-01
x-timer
S1667334407.839944,VS0,VE190
etag
W/W/"3ec-t9rlG5LUTvCfc9oTprWvDxHf62w"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forms.ministryforms.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://forms.ministryforms.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://forms.ministryforms.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 01 Nov 2022 20:26:46 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f59895940f5e4
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f59895940f5e4-860337f36741bb8c-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr6627-LHR, cache-cdg20754-CDG
x-timer
S1667334407.526067,VS0,VE237
muse.js
www.paypalobjects.com/muse/ Frame B149 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=forms.ministryforms.net&t=xo&v=5.0.338&source=payments_sdk&client_id=AfyrbY-mnUzR9TCY8CIpV2Yv8NS_7kQlBCZnK6xTa-TZSVJJeAh4gpkvvckZdx8Fmx3n8pUagda8OpJw&vault=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 20:26:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
84840867de170
dc
ccg11-origin-www-1.paypal.com
content-length
16464
x-served-by
cache-sjc10081-SJC, cache-hhn4020-HHN
last-modified
Tue, 03 May 2022 17:28:29 GMT
x-timer
S1667334407.646387,VS0,VE0
etag
W/"6271663d-da91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
453416, 28310
ts
t.paypal.com/ Frame B149 		42 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A5NESZX4ZMTU7U-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A5NESZX4ZMTU7U-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=05831039-6c2b-4ef3-ae69-960b198ed7ed&fltp=analytics&mrid=5NESZX4ZMTU7U&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Professional%20Development%20Series%20presented%20by%20ParishSOFT%20by%20Ministry%20Brands!&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1667334406409&g=0&completeurl=https%3A%2F%2Fforms.ministryforms.net%2FviewForm.aspx%3Fformid%3De829cd7d-3222-4ddc-a176-4230f811771c%26direct-link%3Dtrue%26embed%3Dtrue%26frameid%3D035892620457788516&ru=https%3A%2F%2Fgiving.parishsoft.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C96) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 20:26:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (frc/4C96)
traceparent
00-000000000000000000072a59f1861930-7feb66ef46c24c43-01
content-type
image/gif
paypal-debug-id
72a59f1861930
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=169
timing-allow-origin
*
content-length
42
expires
Tue, 01 Nov 2022 20:26:46 GMT
e
c.paypal.com/v1/r/d/b/ Frame B149 		0
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e?e=SecurityError%3A%20Blocked%20a%20frame%20with%20origin%20%22https%3A%2F%2Fforms.ministryforms.net%22%20from%20accessing%20a%20cross-origin%20frame.20190924&stack=Error%3A%20Blocked%20a%20frame%20with%20origin%20%22https%3A%2F%2Fforms.ministryforms.net%22%20from%20accessing%20a%20cross-origin%20frame.%0A%20%20%20%20at%20https%3A%2F%2Fc.paypal.com%2Fwebstatic%2Fr%2Ffb%2Ffb-all-prod.pp2.min.js%3A1%3A57324%0A%20%20%20%20at%20https%3A%2F%2Fc.paypal.com%2Fwebstatic%2Fr%2Ffb%2Ffb-all-prod.pp2.min.js%3A1%3A59357
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8D) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 20:26:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
61fc9914e87ee
server
ECAcc (frc/4C8D)
traceparent
00-000000000000000000061fc9914e87ee-c19380a0a1448b48-01
paypal-debug-id
61fc9914e87ee
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=175
timing-allow-origin
*
index.html
www.paypalobjects.com/muse/analytics/ Frame DD99 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.ministryforms.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Tue, 01 Nov 2022 20:26:46 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"6271663d-d994"
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
50b39f10d2761
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
101309, 30699
x-content-type-options
nosniff
x-served-by
cache-sjc10023-SJC, cache-hhn4020-HHN
x-timer
S1667334407.796828,VS0,VE0
ts
t.paypal.com/ Frame B149 		42 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A5NESZX4ZMTU7U-1&page=muse%3Aoffer%3A%3A%3A5NESZX4ZMTU7U-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=05831039-6c2b-4ef3-ae69-960b198ed7ed&es=visitorInfoFlowStarted&mrid=5NESZX4ZMTU7U&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Professional%20Development%20Series%20presented%20by%20ParishSOFT%20by%20Ministry%20Brands!&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1667334406924&g=0&completeurl=https%3A%2F%2Fforms.ministryforms.net%2FviewForm.aspx%3Fformid%3De829cd7d-3222-4ddc-a176-4230f811771c%26direct-link%3Dtrue%26embed%3Dtrue%26frameid%3D035892620457788516
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 20:26:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (frc/4CB9)
traceparent
00-00000000000000000005dcc288b188bc-762b7da3a67f31ae-01
content-type
image/gif
paypal-debug-id
5dcc288b188bc
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=174
timing-allow-origin
*
content-length
42
expires
Tue, 01 Nov 2022 20:26:47 GMT
graphql
www.paypal.com/targeting/ Frame DD99 		0
0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 01 Nov 2022 20:26:47 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f598959ac46b8
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f598959ac46b8-00bbf3a37dfd9b26-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-lhr7346-LHR, cache-cdg20754-CDG
x-timer
S1667334407.950094,VS0,VE215

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypal.com
URL
https://www.paypal.com/targeting/graphql

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| auth0

5 Cookies

Domain/Path Name / Value
.outbound.ministrybrands.com/ Name: __cf_bm
Value: AtbrYsD6O1H1KgYtnXB.AaDoXY7I_fMoDVgxninfil0-1667334401-0-AfVdhweWzM4x9udnqv6bmipbY0UUyRUwzger5b7OuayATfZVly+LT6gHsaffWOhh1xbWqxTKm5wrMB5kuj7eO38=
.outbound.ministrybrands.com/ Name: __cfruid
Value: 428b3b5125441e5ec1a383a6353c1d9e9d353a71-1667334401
forms.ministryforms.net/ Name: ai_user
Value: KbPJo8XlrEXB0UyyA/GZn7|2022-11-01T20:26:44.493Z
forms.ministryforms.net/ Name: ai_session
Value: rZw6EnZF0mRXDU6a/Soc20|1667334405509|1667334405509
.google.com/ Name: NID
Value: 511=duwLEDAA0ttqWXN2FPt4AvJ0No1zHF4CWhwtQiDOOI0DrvAjvQwp1ddQqYCFBokt9Uqi8LrMGKEefPSuyh2X0OF3wC_btAbMXTyLda-_wcB0toxbzKqy3gnHvB_32Wp3dhP-EXmyNk3zkIZLZS1-QC76Hl4PaSIQsjsvrfrckQk

4 Console Messages

Source Level URL
Text
javascript warning URL: https://forms.ministryforms.net/embed.aspx?formId=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true(Line 149)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.auth0.com/js/auth0/9.5.1/auth0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://forms.ministryforms.net/embed.aspx?formId=e829cd7d-3222-4ddc-a176-4230f811771c&direct-link=true(Line 149)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.auth0.com/js/auth0/9.5.1/auth0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
c.paypal.com
cdn.auth0.com
cdnjs.cloudflare.com
eastus2-0.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
forms.ministryforms.net
giving.parishsoft.com
outbound.ministrybrands.com
pay.google.com
pciprdprodfmssa.blob.core.windows.net
pro.fontawesome.com
t.paypal.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.paypal.com
143.204.207.119
151.101.193.21
151.101.66.133
192.229.221.25
20.96.152.128
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2c40::c73c:67e1
2606:4700::6811:180e
2606:4700::6812:1734
2620:1ec:40::45
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c06::5c
52.167.221.184
52.239.192.4
0adaf22e6710cbc950db6526ac09b6c8757ed25e4701196e88cf2f87dca596c7
0c4aebe921b9a73e0b29813122e427fcc2bb996848dcdb906bfddc8b8b22c3ca
199537fd1071ed91a31b62f86795f7f10052cfc8015ddbba7267ace0bedba008
246770fb5c0ca892721975f25c4e7aa802f4f76c955d53864328858a0adc58bb
28c33fae1762817c3f3427558c42d951dc8975cddcf0500b82c000906873fd26
2e5c9d60053fc83e477f353388d954f4a8f4e0c5d00b3e71fb550e8d55a97955
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede
30927ce14f16754309fe5174b9677f205b2c7c37bc66c210e0566dfbf66f9deb
310fc5868accfabbe74a106dab8ba0777755ceb0fd005d0942c20ab9d55989ae
35f96e907107e31f46b0636e13977971e032706f9c870f3914554072186f2fe5
3f31603265a4f8870b3bd67fcf94813f56a86b678d7ccb24e35001614d14d2c2
425b6f39749e60d6f3070c56b69a290afc23883b100cfe0d0f1ad713e092d8b2
4803f7383144b6a01dc87221b3318adfc6a125bdb4bec9d8613dcf5df8f8e557
4f53abeb9866fc71f2e67246aafb24fcad4ac64316958087350f70335a7bbedd
5c2152bb8f24c583128b5a8d7588e191eb3c97ab7f994898fc0964e3d5a5d402
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
68f9e90f16f8d6158f27805adbe9d70f1700e69c5bbcfcfa30e873c68175f7af
6c48e3beb1ec3888c0f1c174d7173ea9cf2172b25a933fb9c21845b4955223c6
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
722b5bf4a7ae565ad172dd2303123a0fcf8ef32b86a2d5cdef7285fcee90a58b
727a0ce6924e22b6371526875cdc90dbce933146a82d82306e90e5e59189adc0
7412d2bdeb60af1f915f8f6375e052d7436d945a89832fb464c896d7e10c44be
7414469520ce4fefe52d49a9c4e48181eb331885858fdbac32841c4d28a1b04f
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8b14f7b95603839f9d6c89d23eb08fa18c3d96a4c7d7cd2e723b831ee7413f25
8de17001f0d04ec790abcc1c9bf075998eaf0f5875160d4b255a09ba2a4ea6dd
912061a3387860ad4b1257bb96df147a37639bb99cb460dc1fbb09ca0ef323f8
9b83a4a757176c9fc35fbc97d8f751198e239cc381e8ecb0d83bdf1c174bcd57
9c9a06bfa047a5dd1995b2c9fc5eb91bd203d4ea771297820b771c972bd766e5
9ddde73a0e3e8b16e7c518f00380c542c96dbec8b0f80363d5037d905f0bba9d
9f35f72d1b6d10f0b5ebca8169126dbab29cbbf968118773b2f65224ec612d0f
a125f56731750f15001719ac3c2b9ee3beec5bc37c3c21b46eef08c53c7fa07f
ac4f3a99557d9c17b6ded0c6d4f0b267f4879cde9baec07a83910ab8c7059f77
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
c65499454b28db683dd0efc366872a896cef0fe2ccfd6d51d6db446dcad88fcb
d175f9ec40f49c4b0282c6b4c08986c3d6f375cf953a8cc42afd37802d5f96bc
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dfbbc2e7071db10ea02d2eb68a16ec63fcb5cc8c13b18341232ec43807c52fec
dfdd721c61c9f241bcdf9d223e96e45f84813a49ea6490577e5e79e03850daa2
e1f154281a626ca0d484257f5595541e1c2c727381cf1280bd7bccfdf61d9672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bf8d8288e01ed490a1e3bb464970c9a95683ae4ea21bab8aa21370627be9fc
f8f30dc7c4edb53d94738a942614bfb576b432ba10e89ba29127b18a2d8c0108
fa83faecf96324d94f3147a492b6c2c3a1130b57d11c94b1ed1e9c9b261568b6
fb970606cfd8afcdffc1eb76d92d48041a9fe9de8113b3e20f4da3efabaa9928