my.americares.org Open in urlscan Pro
2606:4700::6812:c55f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.hello.americares.org/?qs=594b4801343b07bda44001fd30c567900869bd37ba1fb04424b5ba4259af50267354110cc92185ebbbf332edbfd8...
Effective URL:
https://my.americares.org/give/532076/
Submission: On December 04 via manual (December 4th 2023, 3:18:37 pm UTC) from US — Scanned from DE

Summary HTTP 173 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 18 domains to perform 173 HTTP transactions. The main IP is 2606:4700::6812:c55f, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.americares.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 1st 2023. Valid for: a year.

This is the only time my.americares.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.110.221.60 13.110.221.60	14340 (SALESFORCE) (SALESFORCE)
17	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2600:9000:230... 2600:9000:2304:d000:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.248.104 18.66.248.104	16509 (AMAZON-02) (AMAZON-02)
20	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
5	34.68.9.145 34.68.9.145	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:26f0:310... 2a02:26f0:3100::1735:2ba0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.67.23.169 172.67.23.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.88.132 52.217.88.132	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
12	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:400c:c0b::5c	15169 (GOOGLE) (GOOGLE)
2	2600:9000:25e... 2600:9000:25e8:5400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	54.76.53.164 54.76.53.164	16509 (AMAZON-02) (AMAZON-02)
4	34.213.255.230 34.213.255.230	16509 (AMAZON-02) (AMAZON-02)
26	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
173	27

1 13.110.221.60 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.hello.americares.org

click.hello.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:c55f (United States)

ASN13335 (CLOUDFLARENET, US)

my.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2304:d000:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-104.dus51.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.68.9.145 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 145.9.68.34.bc.googleusercontent.com

www.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3100::1735:2ba0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.hello.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.23.169 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.88.132 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

signforgood.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25e8:5400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.53.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.213.255.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-255-230.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5257 m.stripe.com — Cisco Umbrella Rank: 1245 r.stripe.com — Cisco Umbrella Rank: 3529	1022 KB
32	google.com pay.google.com — Cisco Umbrella Rank: 2109 play.google.com — Cisco Umbrella Rank: 32	843 KB
25	americares.org 1 redirects click.hello.americares.org — Cisco Umbrella Rank: 578616 my.americares.org www.americares.org image.hello.americares.org — Cisco Umbrella Rank: 585753	471 KB
18	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 42375 pay.classy.org — Cisco Umbrella Rank: 47051 assets.classy.org — Cisco Umbrella Rank: 49368	2 MB
15	gstatic.com fonts.gstatic.com www.gstatic.com	413 KB
4	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5151	128 KB
3	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 57707	134 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	16 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	amazonaws.com signforgood.s3.amazonaws.com	440 KB
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 32688	5 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 13515	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 26902	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	17 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
173	18

	Domain	Requested by
26	r.stripe.com	js.stripe.com
24	play.google.com	www.gstatic.com
20	js.stripe.com	cdn.transcend.io js.stripe.com
16	my.americares.org	my.americares.org cdn.transcend.io
12	q.stripe.com	my.americares.org
10	prod-frs.content.classy.org	my.americares.org cdn.transcend.io prod-frs.content.classy.org
8	www.gstatic.com	pay.google.com www.gstatic.com
8	pay.google.com	js.stripe.com pay.google.com my.americares.org www.gstatic.com
7	fonts.gstatic.com	fonts.googleapis.com
7	assets.classy.org
5	www.americares.org
4	m.stripe.com	m.stripe.network
4	cdn.transcend.io	my.americares.org cdn.transcend.io
3	image.hello.americares.org
3	files.doublethedonation.com	my.americares.org files.doublethedonation.com cdn.transcend.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	cdn.transcend.io
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	fonts.googleapis.com	cdn.transcend.io
1	signforgood.s3.amazonaws.com
1	widgets.guidestar.org
1	pay.classy.org	cdn.transcend.io
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	www.googleadservices.com	cdn.transcend.io
1	static.cloudflareinsights.com	my.americares.org
1	click.hello.americares.org	1 redirects
173	29

This site contains links to these domains. Also see Links.

Domain
www.classy.org
charitynavigator.org
www.give.org
www.guidestar.org
www.forbes.com
annelewisllc.atlassian.net
www.americares.org

Subject Issuer	Validity	Valid
my.americares.org Cloudflare Inc ECC CA-3	`2023-02-01` - `2024-02-01`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-05-17`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
americaresindia.amcares.materiellcloud.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
san-13-s12.tlsprovisioning.exacttarget.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-25` - `2024-02-25`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://my.americares.org/give/532076/
Frame ID: 57D1FD103CD7FD60F5A1520D010F016D
Requests: 69 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 4E1ADABB51F616493C8C99013C0FDF39
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-e7b9fa2d6dceccc96cca9955ca6d67de.html
Frame ID: 16D4599FA2EB60C2AE85EBD20E22A51D
Requests: 33 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html
Frame ID: AA283072E3A7540EF151E1F43453B12A
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html
Frame ID: B556EF9974B309A12271DA284DDF4C70
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 22F11177C50E68686D5B78936A91FD1A
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 88610AF3D9A5728C67E4A575838D2F60
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html
Frame ID: 4796B1BE236839A4EE42EB87BAF58627
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html
Frame ID: 290A9F8E2073210ACAA8D27F237211E4
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 1A15CB3ACE8C12834F0970934E6A3EDC
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Giving Tuesday 8X Match

Page URL History Show full URLs

https://click.hello.americares.org/?qs=594b4801343b07bda44001fd30c567900869bd37ba1fb04424b5ba4259af50267354110c... HTTP 302
https://my.americares.org/give/532076/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

173
Requests

99 %
HTTPS

56 %
IPv6

18
Domains

29
Subdomains

27
IPs

4
Countries

5405 kB
Transfer

15683 kB
Size

17
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Classy Privacy Policy

Search URL Search Domain Scan URL

URL: https://charitynavigator.org/ein/061008595

Search URL Search Domain Scan URL

URL: http://www.give.org/charity-reviews/national/health/americares-foundation-inc-in-stamford-ct-1739

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/shared/7f4b78f5-0139-475a-8e23-6c9732ce1989

Search URL Search Domain Scan URL

URL: https://www.forbes.com/lists/top-charities/?sh=6b7f83c25f50

Search URL Search Domain Scan URL

URL: https://annelewisllc.atlassian.net/browse/AMCR-436#:~:text=please%20see%20our-,Privacy%20Policy,-and%20our%20website%E2%80%99s
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.americares.org/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.hello.americares.org/?qs=594b4801343b07bda44001fd30c567900869bd37ba1fb04424b5ba4259af50267354110cc92185ebbbf332edbfd809796551b0582eec9f3da6bf7bb045ba05da HTTP 302
https://my.americares.org/give/532076/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

173 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
my.americares.org/give/532076/
Redirect Chain

https://click.hello.americares.org/?qs=594b4801343b07bda44001fd30c567900869bd37ba1fb04424b5ba4259af50267354110cc92185ebbbf332edbfd809796551b0582eec9f3da6bf7bb045ba05da
https://my.americares.org/give/532076/

332 KB
48 KB

1133ms
1001ms

Document
text/html

2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/give/532076/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1398c8bd5eaf7fdc842334bcb429358c73e9dbe785a983b96277c69254c90901

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 830505b3fcc9bbf7-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 15:18:30 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 294
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Dec 2023 15:18:29 GMT
Location: https://my.americares.org/give/532076/#!/donation/checkout?utm_medium=email&utm_campaign=23_giving_tuesday_ext_3_fr&c_src=DI24K2U3&c_src2=jtk1146-fr-fl&amount=65

GET
H2 200 main.css
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/ 1 MB
146 KB 115ms
52ms Stylesheet
text/css 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f6fe6e347d4b5c4068bc7fe50caef888ac564137e7671e80c0428dc299458d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: AHGF2PREKJR8DJN5
age: 30739
cf-polished: origSize=1156305
x-amz-server-side-encryption: AES256
x-amz-id-2: k/FUbiXpKGXy8gMJHCn/PPNIgSotXjk/j3TJ4LGyObkJO2mAzVQLKdgYG4LCfxoQ0pVLr2406jKE3UulCH3smg==
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
etag: W/"fe0f29c9578c5c4b70b110a572190ac1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 830505bb3c600857-FRA

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ 141 KB
17 KB 110ms
23ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: my.americares.org
URL: https://my.americares.org/give/532076/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF6) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 04 Dec 2023 15:18:30 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 316
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 17:56:30 GMT
server: ECAcc (frc/4CF6)
etag: 0x8DBF1CDAEA1A728
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: b0fb71d6-b01e-001d-6cc4-2648bb000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Mon, 04 Dec 2023 16:18:30 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 131 KB
45 KB 125ms
39ms Script
application/javascript 2600:9000:2304:d000:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d000:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

aa23f68b3d5c7eed8f0ebfa79457437800fa6d915b50755195217fc6d3d0916d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:30 GMT
content-encoding: br
via: 1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: reUHjdGjF23OiQYV7-fpiHy4Hn5GyYNi97dvbQVUoKfWnwdXUvlUcA==
x-xss-protection: 1; mode=block

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ 0
0 377ms
377ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://files.doublethedonation.com/app/ddplugin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 16:18:31 GMT
x-ms-request-id: c1c6b3a9-801e-004b-18c5-26b954000000
date: Mon, 04 Dec 2023 15:18:30 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
content-type: application/xml

GET
H2 200 rocket-loader.min.js Show response
my.americares.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/532076/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65660ffd-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 830505bbfa6fbbf7-FRA
expires: Wed, 06 Dec 2023 15:18:31 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 116ms
65ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: my.americares.org
URL: https://my.americares.org/give/532076/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:31 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 830505be2c309950-FRA

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 267 KB
77 KB 96ms
34ms Script
text/javascript 2600:9000:2304:d000:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d000:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: gzip
via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 05:15:57 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
age: 36157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: RnjJtrI-tTGqGa8650oEVsWDeT-ND68j1rW_hfo8bEcgYLUC3TAuwg==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 46 KB
17 KB 165ms
115ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4a7f98e1c8cf8e554367fff1654188232d247820a3711a02138956c223a2c786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16830
x-xss-protection: 0
server: cafe
etag: 1248611486558308849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 15:18:31 GMT

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 19 KB
5 KB 592ms
145ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:30 GMT
last-modified: Tue, 28 Nov 2023 19:37:14 GMT
etag: "051a3493222da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 84ms
37ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:31 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 386794
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGF5NKJ7M3W20KNT7RH3NTJY-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 830505be6d3c4da4-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/donation/ 184 KB
38 KB 51ms
50ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dcb9ea2c438e20571d67b158981a0fc85924e93d84dc49a29bb6bf3d1f1fcc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: HG8641JHN37RSTJE
age: 27736
etag: W/"531bb48d7235f61a29e0ad3b073a880e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 830505be18f70857-FRA
x-amz-id-2: lpytTXvegb3OU8sP4xakoaaJJJLfXHFspLyvRWpZN2p14iN9qIAFxa41wbHwlSXvoNLWEhsxT0s=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/ 2 MB
388 KB 65ms
64ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a3548860c583edc719e7265f64c6c7d68cb4661f5f6c8ef107ca94f8977ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:16 GMT
server: cloudflare
x-amz-request-id: 2NJNHTYNBSXC07RD
age: 36230
etag: W/"a9f1a7b5775b65256aa2d076d8158ac4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 830505be18fb0857-FRA
x-amz-id-2: 81PGrr22MhArVMHiFPEYGJn+H311/RkTjWo2fJBTvOGQpKpNoN1jfPjj9Yjx1M+ZLLH6B3F98kcOUrC+X5JjTMHiC5W6NIhn6gSlDudpSOk=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/ 1 MB
429 KB 59ms
58ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: D606H2YNR2XJ0G8H
age: 37430
etag: W/"89ff3b468454fac32729fc74e3c9be17"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 830505be18fd0857-FRA
x-amz-id-2: UbSypWmIHwko9WdNFmWrx4RDx1Rz0hOAeHwjSxLSQnZ2z9tr+NRSpj0AWtYoOxoHtuCj6tsDDaw=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 142 KB
43 KB 114ms
51ms Script
application/javascript 18.66.248.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-104.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26bac992b3e8235c5dd52128b69c9951f6c6e5a40b44d60be1ac9d26aa77c102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: tMftr378D4QHDYw1H6N7oPnF2LXOKQ2Q
content-encoding: gzip
via: 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 21:03:24 GMT
x-amz-request-id: AGXACPYKSW8Z7YW5
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
age: 65708
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: dAHLZ0+ltF1GV2Yq3g2mF0h3wp/pzntSbaBUwiqeFU+KEoHUAGtOXyIOrqI2CUnNKQf/PeaDhpI=
last-modified: Fri, 01 Dec 2023 19:10:21 GMT
server: AmazonS3
etag: W/"810bc0c04d6260227717e22354c82def"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: MQekKDGk6HNv1xpPqsSyQdLggwotxH8Y36eEODfe4AxEPl225RymFA==

GET
H2 200 / Show response
js.stripe.com/v3/ 560 KB
155 KB 138ms
41ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

eb5036bad8662eb3aeca1984456f9d3bbc3ad934ef96c6e46f64a86fbae1d5af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:31 GMT
via: 1.1 varnish
age: 43
x-cache: HIT
content-length: 158203
x-request-id: ce2e6c07-b430-458f-a082-b9b79f0216a7
x-served-by: cache-cph2320029-CPH
last-modified: Fri, 01 Dec 2023 21:45:14 GMT
server: Fastly
etag: "cd52d1197822ef515efcd0a52a691074"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ 453 KB
117 KB 22ms
21ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: 78ef91351242065c5e49b2833c002edb964c4f27724ab80490bf9ba0c657ef57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 04 Dec 2023 15:18:31 GMT
content-encoding: gzip
content-md5: j85HlOqsWjUM249F0XNiNw==
age: 3598
x-cache: HIT
content-length: 119445
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 17:56:30 GMT
server: ECAcc (frc/4C94)
etag: 0x8DBF1CDAEAD6541
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: d1df810e-301e-0071-35bc-26a32c000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Mon, 04 Dec 2023 16:18:31 GMT

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 15 KB
4 KB 32ms
31ms Stylesheet
text/css 2600:9000:2304:d000:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d000:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 07:58:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
age: 26534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: PBEuX2_vPKHFsbn00pzNXwdkKtcTtnm3ycEYOtCLDghGs48iRzWZgw==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ 8 KB
2 KB 30ms
30ms Fetch
application/json 2600:9000:2304:d000:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d000:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: br
via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 07:18:08 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: VIE50-P1
age: 28824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: OrcVnt0-SoBNz7Biq_bg-6bNhuSrZTmLONQw-hYXq8BkeOZxBes3ew==

GET
H2 200 sdk.js Show response
my.americares.org/sso/ 26 KB
7 KB 547ms
547ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/532076/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 14:20:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 830505bfd94bbbf7-FRA
expires: Mon, 04 Dec 2023 15:38:32 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 4E1A 200 B
818 B 41ms
41ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7494852
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 15:18:31 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 467051
x-content-type-options: nosniff
x-request-id: 660a9187-058d-420b-b048-e43effef546d
x-served-by: cache-cph2320029-CPH

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 94ms
44ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a63f486f5b05184dc0708669c9c1823de00295dd74b090557b77268118ecc0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 04 Dec 2023 15:18:32 GMT

POST
H2 204 rum Show response
my.americares.org/cdn-cgi/ 0
166 B 36ms
35ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-2fda7249301b0f37----1701703112146
traceparent: 00-bda2842cff954017437d984b6388b500-2fda7249301b0f37-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyZmRhNzI0OTMwMWIwZjM3IiwidHIiOiJiZGEyODQyY2ZmOTU0MDE3NDM3ZDk4NGI2Mzg4YjUwMCIsInRpIjoxNzAxNzAzMTEyMTQ2fX0=
content-type: application/json
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://my.americares.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 830505c2fdc6bbf7-FRA

GET
H2 200 market-data Show response
my.americares.org/frs-api/crypto-giving/BTC/USD/ 36 B
155 B 416ms
415ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53fe955d2e6fb3c39d77be059b2f538fd609ef793db1d855764c337b7f13f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
tracestate: 423787@nr=0-1-423787-363751183-ce70644c9f97a1a8----1701703112236
traceparent: 00-b3717dda45346890901515d062f01800-ce70644c9f97a1a8-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjZTcwNjQ0YzlmOTdhMWE4IiwidHIiOiJiMzcxN2RkYTQ1MzQ2ODkwOTAxNTE1ZDA2MmYwMTgwMCIsInRpIjoxNzAxNzAzMTEyMjM2fX0=
Accept: application/json, text/plain, */*
csrf-token: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"24-qbzIuMf8HyeCfUq2jInEoJVDy9E"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 830505c38ea6bbf7-FRA
content-length: 36

GET
H2 200 tax-entities Show response
my.americares.org/frs-api/organizations/29423/ 629 B
390 B 480ms
479ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/organizations/29423/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4c26dfde09ed6e458fd1d42c13169455ea98d479d85d3242a61cb0d15bdd00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
tracestate: 423787@nr=0-1-423787-363751183-e476322e070cef5f----1701703112237
traceparent: 00-77e17c56fb1ade481af8c953f5013c00-e476322e070cef5f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlNDc2MzIyZTA3MGNlZjVmIiwidHIiOiI3N2UxN2M1NmZiMWFkZTQ4MWFmOGM5NTNmNTAxM2MwMCIsInRpIjoxNzAxNzAzMTEyMjM3fX0=
Accept: application/json, text/plain, */*
csrf-token: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-Ivi7ty8PNvuBrAmy7h5YtGEe6KI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 830505c38eaabbf7-FRA

GET
H2 200 channels Show response
my.americares.org/frs-api/campaigns/532076/ 1 KB
542 B 503ms
503ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaigns/532076/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a39448f831f51739ddb4b65ff0a65e41738a01baee5e4bab3c2acee12d9509f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
tracestate: 423787@nr=0-1-423787-363751183-5b3c60e263b7620c----1701703112237
traceparent: 00-a0a256dc8a404668fd0c255da1a97000-5b3c60e263b7620c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1YjNjNjBlMjYzYjc2MjBjIiwidHIiOiJhMGEyNTZkYzhhNDA0NjY4ZmQwYzI1NWRhMWE5NzAwMCIsInRpIjoxNzAxNzAzMTEyMjM3fX0=
Accept: application/json, text/plain, */*
csrf-token: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"40f-m88QubmFXd4eP2MNlvQI7rFsk+8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 830505c38eabbbf7-FRA

GET
H2 200 ach-account-routing Show response
my.americares.org/frs-api/organizations/29423/ 32 B
301 B 447ms
447ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/organizations/29423/ach-account-routing

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca9d31f3f621954176f2af3955d7b2f691fde115dee35b03fdec5eb889209e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
tracestate: 423787@nr=0-1-423787-363751183-2f1184f9d857d531----1701703112238
traceparent: 00-135096a6162c9c40797c7dc2d4053900-2f1184f9d857d531-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyZjExODRmOWQ4NTdkNTMxIiwidHIiOiIxMzUwOTZhNjE2MmM5YzQwNzk3YzdkYzJkNDA1MzkwMCIsInRpIjoxNzAxNzAzMTEyMjM4fX0=
Accept: application/json, text/plain, */*
csrf-token: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"20-IrwpdIgvwDw+aj4yRYzT7Xca9EM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 830505c38eadbbf7-FRA
content-length: 32

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
685 B 498ms
433ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=23470&currency=USD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.americares.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 46da137b-e603-4def-8ecd-34aea2d3da4d
cf-ray: 830505c409634dca-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 designations Show response
my.americares.org/frs-api/campaign/532076/ 1 KB
1 KB 494ms
494ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaign/532076/designations?per_page=100

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1516ad210805201120410a7aeae15d8e7deea8c672b54e303d5a7b8234f185a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
tracestate: 423787@nr=0-1-423787-363751183-d1b2a4a045f5b77f----1701703112295
traceparent: 00-a3fc029a3033ecbbcb87f74339ca0b00-d1b2a4a045f5b77f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkMWIyYTRhMDQ1ZjViNzdmIiwidHIiOiJhM2ZjMDI5YTMwMzNlY2JiY2I4N2Y3NDMzOWNhMGIwMCIsInRpIjoxNzAxNzAzMTEyMjk1fX0=
Accept: application/json, text/plain, */*
csrf-token: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"529-72L6yjkXqhbSMQT3GC/xSn+bPHo"
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=7C7dNijOAKBPF8czHM2JL9ydCXi9YiMURW.rVaSBsSU-1701703112-0-ATCFgBkGwhu1yW4GfNlA4kOUyERstL6DiT_LDDemzL8KgWmA8OB4ITR5PJNswLZ1ANGqWmQBcDq_sVDLJaMm14KW3EJxRDDIz--1rIaqMJBHuy1hikYCxXLr-1_nBHTXliz1uG5UdLDPgBpLahC0kCUrS3tei8TYYPmUdCh0ppLf; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=7C7dNijOAKBPF8czHM2JL9ydCXi9YiMURW.rVaSBsSU-1701703112-0-ATCFgBkGwhu1yW4GfNlA4kOUyERstL6DiT_LDDemzL8KgWmA8OB4ITR5PJNswLZ1ANGqWmQBcDq_sVDLJaMm14KW3EJxRDDIz--1rIaqMJBHuy1hikYCxXLr-1_nBHTXliz1uG5UdLDPgBpLahC0kCUrS3tei8TYYPmUdCh0ppLf"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 830505c3ef40bbf7-FRA

GET
H2 200 designations Show response
my.americares.org/frs-api/campaigns/532076/ 1 KB
675 B 486ms
486ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaigns/532076/designations?filter=id%3D181085

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ddca95eb3270ac7753c4b8becb6372e00c578057d8c9bf3f406fb76860eeb73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
tracestate: 423787@nr=0-1-423787-363751183-7c71d14e9e4aa97c----1701703112296
traceparent: 00-2ca3b4bda66562ae9df4516a0637b900-7c71d14e9e4aa97c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3YzcxZDE0ZTllNGFhOTdjIiwidHIiOiIyY2EzYjRiZGE2NjU2MmFlOWRmNDUxNmEwNjM3YjkwMCIsInRpIjoxNzAxNzAzMTEyMjk2fX0=
Accept: application/json, text/plain, */*
csrf-token: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"522-IcGCHeLIlPPFlGVmr0uLKWD/AUk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 830505c3ef41bbf7-FRA

GET
H2 200 currency-conversions Show response
my.americares.org/frs-api/i18n/ 75 B
210 B 413ms
412ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cea1802d8b56ca8838e30f48d870ac055808c836844e13eed0aa0785c4d71ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
tracestate: 423787@nr=0-1-423787-363751183-cdba7e3c78668471----1701703112330
traceparent: 00-b453820a1e20454b53fce851fdfa1f00-cdba7e3c78668471-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjZGJhN2UzYzc4NjY4NDcxIiwidHIiOiJiNDUzODIwYTFlMjA0NTRiNTNmY2U4NTFmZGZhMWYwMCIsInRpIjoxNzAxNzAzMTEyMzMwfX0=
Accept: application/json, text/plain, */*
csrf-token: iYCBZE9k-PpDM4bCrrSpwMhZYcQdGCoTZ8OM
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-UnRLCZ064vzK4Ltc1GMRJ341jFI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 830505c42f9ebbf7-FRA

GET
H2 200 user-icon.png
my.americares.org/static/global/images/ 2 KB
2 KB 61ms
58ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.americares.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/532076/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 285233
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Thu, 23 Nov 2023 00:06:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "655e9776-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830505c42faebbf7-FRA
expires: Sat, 30 Nov 2024 08:04:39 GMT

GET
H2 200 27763abc-91e0-11ed-82c8-0a1c832b3407.png
assets.classy.org/24215585/ 5 KB
6 KB 64ms
46ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/24215585/27763abc-91e0-11ed-82c8-0a1c832b3407.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e9b59fcd2486c88fd617281b79e2fa27a67600efbd31cc66e2da0958b3b164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: XFWZWjllSQ52fmP8b0jl0LGYDwLVxYgE
age: 43924
x-amz-cf-pop: FRA6-C1
cf-polished: origFmt=png, origSize=7029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="27763abc-91e0-11ed-82c8-0a1c832b3407.webp"
content-length: 5532
last-modified: Wed, 11 Jan 2023 18:45:46 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7fbc9a50831c7f95cf4d65bb5c421abc"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 830505c44a830857-FRA
x-amz-cf-id: nK_88RmTY3V_8-z8UhIVJAV8uS3oMyJhed9nPYtXJykml2YQTLMaKw==

GET
H2 200 Artboard-%E2%80%93-4-2048x112white.png
www.americares.org/wp-content/uploads/ 2 KB
3 KB 421ms
130ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/Artboard-%E2%80%93-4-2048x112white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

061906633f249332d25115dd606fdd22d30006b25cc45039ad67c6d2008814f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 28 Feb 2023 07:14:49 GMT
server: nginx/1.25.2
etag: "63fda9e9-9b3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2483
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer1b-sm.png
www.americares.org/wp-content/uploads/ 3 KB
3 KB 677ms
386ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer1b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 18:49:41 GMT
server: nginx/1.25.2
etag: "63e54045-bda"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3034
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer2b-sm.png
www.americares.org/wp-content/uploads/ 271 KB
272 KB 421ms
130ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer2b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3761950f8159320bb209f23d8f2d4cabe130bd774fec107d62a6eec6fb005bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 15:28:09 GMT
server: nginx/1.25.2
etag: "63e51109-43c83"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 277635
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer3b-sm.png
www.americares.org/wp-content/uploads/ 3 KB
3 KB 676ms
385ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer3b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 18:49:31 GMT
server: nginx/1.25.2
etag: "63e5403b-bda"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3034
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dd978b61-f7f9-41b2-9e6a-566ab1fa0d33.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 23 KB
23 KB 747ms
333ms Image
image/png 2a02:26f0:3100::1735:2ba0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/dd978b61-f7f9-41b2-9e6a-566ab1fa0d33.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2ba0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 22cedcbd981cbe7498e7d9f64a5ef04a3052f8826b95b3838ade989d9102240d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 15:18:33 GMT
Last-Modified: Wed, 15 Mar 2023 21:22:34 GMT
Server: AkamaiNetStorage
ETag: "72d9fdb8f8ad18b6afff74b8ef17ffbc:1678915354.901111"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23384

GET
H/1.1 200
OK eadd29f9-a01f-4b84-a2c1-149be8016a5e.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 10 KB
11 KB 735ms
321ms Image
image/png 2a02:26f0:3100::1735:2ba0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/eadd29f9-a01f-4b84-a2c1-149be8016a5e.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2ba0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 14699735f336f6c852f63359232ce256d1f0c20a1d430cdea3adbb55b809e520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 15:18:33 GMT
Last-Modified: Wed, 15 Mar 2023 21:43:43 GMT
Server: AkamaiNetStorage
ETag: "dc00e903512679efec8aa9a9788074b2:1678916623.00379"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10585

GET
H2 200 6867435
widgets.guidestar.org/TransparencySeal/ 13 KB
5 KB 501ms
420ms Image
image/svg+xml 172.67.23.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/6867435
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 15:18:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 830505c4a8c7bba4-FRA
expires: -1

GET
H/1.1 200
OK 785d976d-d6e0-419c-8089-cc96d15ef577.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 20 KB
20 KB 1016ms
603ms Image
image/png 2a02:26f0:3100::1735:2ba0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/785d976d-d6e0-419c-8089-cc96d15ef577.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2ba0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 105008deb18d854491560f2991e2e9778be8d62cd007d7682d29ebb2db4283f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 15:18:33 GMT
Last-Modified: Wed, 15 Mar 2023 21:22:36 GMT
Server: AkamaiNetStorage
ETag: "689d6bc8233997d14da57907c4bdcfa5:1678915356.233218"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20506

GET
H2 200 cd17b4c0-866c-11ed-8ec2-0a58a9feac02.png
assets.classy.org/24215585/ 8 KB
8 KB 73ms
56ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/24215585/cd17b4c0-866c-11ed-8ec2-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48dc407afad3934f710a279a2cc7d152145ba2eb9479d094aa0d6008b0afb231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 88e066f06ce21d9d589e0b7dba0cd180.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: SWi79NcgxjYqMRE8UYaj0veWLSzzbsgw
age: 1021
x-amz-cf-pop: LHR50-P8
cf-polished: origFmt=png, origSize=22246
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="cd17b4c0-866c-11ed-8ec2-0a58a9feac02.webp"
content-length: 7980
last-modified: Wed, 28 Dec 2022 05:02:19 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "c0e3fc8201856f6eee4bef44e2aa4333"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 830505c44a840857-FRA
x-amz-cf-id: lQRvsDuR9smjPkAk9IGQO0SOiCp87MM4ySDX_Ido8YPzbsDsQrgt1A==

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/crypto-giving/ 1 KB
963 B 39ms
38ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: Z92R2ESY8KHWX4YH
age: 51305
etag: W/"2861fb7a07b041686ba6360cf7908e28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 830505c42a5c0857-FRA
x-amz-id-2: ESojplzS7/h59utQkL371Uuy1y1/pQu8f6WnP8e/p2o3dT7DVCXM3tXINyaOWN1owgjfyligJUtpPjUqKqjRbxJGq3X1iFWr

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/crypto-giving/ 545 B
423 B 55ms
54ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: HFHEB6RY0FM8GQB7
age: 46219
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 830505c42a5f0857-FRA
x-amz-id-2: Vtbpf0+gcIGzow0d161+OzSKiBBVp2naNRyWv3TWxnuxgr0qLpnu9UIbK3+6lPQFzwojJmyMBHrtt0vZm57KpQ==

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/crypto-giving/ 2 KB
1 KB 64ms
63ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: FCB6NF9EG1W910H6
age: 46219
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 830505c42a620857-FRA
x-amz-id-2: nEsTgmAqYC1HJG8CwPu2Gatb+bYkZIAhSVrPHRoQdpohLteekOBXWZMB0OJ6few99zy5MuBJYO8=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/crypto-giving/ 453 B
450 B 61ms
60ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: Y0V3Y1G20D8YV6FX
age: 30293
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 830505c42a640857-FRA
x-amz-id-2: Ou++QlkSOsDOqsTH5OTijT+bI0Mkq8Fouy29vCftdpTYQW/NWYiwD7ziCuY2QfghpVljmRWsgQ4=

GET
H2 200 db543a4e-9e0a-11ed-a977-0a58a9feac02.png
assets.classy.org/7412683/ 52 KB
52 KB 50ms
50ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/db543a4e-9e0a-11ed-a977-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b3546b5c9e23567e64e596bb5c4a6c9a0ada8b93ac66f6acf3093f6d21ccdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: w_E3ly7uvpXv27qxbwVASonKfk1quRwt
age: 43924
x-amz-cf-pop: FRA6-C1
cf-polished: origSize=55558, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 52979
last-modified: Fri, 27 Jan 2023 06:21:42 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "c66bf54d4015b88ea3d4ac7741284cfe"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 830505c46ab50857-FRA
x-amz-cf-id: _rZEZDepjtDxcCgS06-Q5sIYxiUoOx-lmVda-hfZHXNB4t03vvnxOQ==

GET
H2 200 e420482a-9e0a-11ed-8a96-0a734b0acd6b.png
assets.classy.org/7412683/ 39 KB
39 KB 62ms
61ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/e420482a-9e0a-11ed-8a96-0a734b0acd6b.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef96eb757139a3f442f1912339d427c4190f8702c7ef62d7878b60e878c6d0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: X0sogmOLSUjteAUAZDWE4cfBCubb83gj
age: 1030294
x-amz-cf-pop: FRA6-C1
cf-polished: qual=85, origFmt=jpeg, origSize=42539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="e420482a-9e0a-11ed-8a96-0a734b0acd6b.webp"
content-length: 39518
last-modified: Fri, 27 Jan 2023 06:21:57 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "30907fec3ac57d49f49b012b6ba6844f"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 830505c4aaf60857-FRA
x-amz-cf-id: Ogmico5XDpA1A8BWjbzSuHKNdphh_sjxE5O_nuE6scIsX8OcKCVUuw==

GET
H2 200 e9f8c88a-9e0a-11ed-b45e-0a3d5a2204c5.png
assets.classy.org/7412683/ 43 KB
43 KB 55ms
55ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/e9f8c88a-9e0a-11ed-b45e-0a3d5a2204c5.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c848d60a657f4084ef5968c3466d5c73f0fcbcac905c6fcc7b5acc4d053820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: JVUFhV.GDAW2BBV1uqZVwge1OdAxe_2D
age: 43924
x-amz-cf-pop: FRA6-C1
cf-polished: origSize=46147, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43937
last-modified: Fri, 27 Jan 2023 06:22:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "653267ced53f9a7b55e2851dc70e90e9"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 830505c4bb230857-FRA
x-amz-cf-id: DU7_vB3NH1ehEsrIj5JwVe-tL0l703SLF1zHTcNuA0Uo1QXaizlMqw==

GET
H2 200 f7993236-9e0a-11ed-a7da-0ed31938f1b3.png
assets.classy.org/7412683/ 56 KB
56 KB 62ms
62ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/f7993236-9e0a-11ed-a7da-0ed31938f1b3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2966630c66048ac91781e66eb10e74e59ac7f39222fdc9c36e65db587e796e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: tM6nlJCUUPRWUHzFJGYkbLUuxh9tGWM9
age: 43924
x-amz-cf-pop: FRA6-C1
cf-polished: origSize=59774, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 57056
last-modified: Fri, 27 Jan 2023 06:22:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "82269cd019fdd140c21e1cfde5fdc4b5"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 830505c50b870857-FRA
x-amz-cf-id: euS4p1bWymkHXsWjou6v7GqwS7XVWiBWoa1RYgRIoa4Nj8U72C07ew==

GET
H2 200 6417c4a0-775d-11ee-b8e3-0a58a9feac02.png
assets.classy.org/24215585/ 439 KB
440 KB 103ms
100ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/24215585/6417c4a0-775d-11ee-b8e3-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c69f37683176e14cdfd37a130eebca6519d3e944e9132085c739fb52e3068c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: b60W0lLkJOKmYjfcy6_7VMVEeqfsLVJf
age: 43924
x-amz-cf-pop: FRA6-C1
cf-polished: origFmt=png, origSize=675663
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="6417c4a0-775d-11ee-b8e3-0a58a9feac02.webp"
content-length: 449606
last-modified: Mon, 30 Oct 2023 19:49:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "85e879e0cfe881ff860f1a58501cdb0d"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 830505c44a810857-FRA
x-amz-cf-id: o201mrWEwfBvUBNZQ84b-VdWn4E6JduLmiuqZw94QnVD1PLbR2NT9Q==

GET
H/1.1 200
OK givingtuesday2023-3.png
signforgood.s3.amazonaws.com/americares/ 439 KB
440 KB 376ms
141ms Image
application/octet-stream 52.217.88.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signforgood.s3.amazonaws.com/americares/givingtuesday2023-3.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.88.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 676b268a7467bcc914111522a6dfb2f677197535e6d352e3bf3f649439498010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 15:18:33 GMT
Last-Modified: Fri, 27 Oct 2023 22:05:51 GMT
Server: AmazonS3
x-amz-request-id: EACXCA3TRWSC80E6
ETag: "7b00cf73f46f2916eaa3560e985f2247"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 449989
x-amz-id-2: 8YYVbY5OL3AXJuCllo/U46bNvzE1Y2C9xg3QwKZWLLEikaCrR6fgiHPyrKuJTxRFxroU41pPv9I=

GET
H2 200 amca-tapestrybg-grey.jpg
www.americares.org/wp-content/uploads/ 62 KB
62 KB 527ms
386ms Image
image/jpeg 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/amca-tapestrybg-grey.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

7df2f591cb5998cbf6e24dcb7489cb13cfc5303bb30716bd4e9c7eeda053ea10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 25 Feb 2022 16:29:27 GMT
server: nginx/1.25.2
etag: "621903e7-f77f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 63359
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/fonts/ 42 KB
43 KB 116ms
70ms Font
application/x-font-woff 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d632cb364f35b40afb5abaca971891e56190d21477f05e4387f34486a02ad571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 0PV3MHA5AW1GEV96
age: 27346
x-amz-server-side-encryption: AES256
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=vd4khiJdzbj0h5XexVC56Q1CVX6aJ0yBcIkFFaJpbwc-1701703112-0-AR4PwQ8aMiPgEWd7KMCeffKO4dcZXFR8ERi6k3yXFiIRCXFiiqfMVOVDrkECg_EO80jFQMICrrD2jPeLDN9pGawKAz__Kx8lftZhIu0t6VMluDoAsNV7iKHAqrb-LiAbh19J9GWV5QWLF3hTLV-TXS-ShGP8Cp6TXWUSPZcAisLo; report-to cf-csp-endpoint
content-length: 43184
x-amz-id-2: scbDKEgs9y2S7c6wMXAsB4mJNJ+0OtwjymjxuDVO8DoF/IgI4pZ9EF25sO0reSoxxM6Ma2A+Jc8=
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
etag: "b53f6371bd436855fd3ef361d8229d9e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=vd4khiJdzbj0h5XexVC56Q1CVX6aJ0yBcIkFFaJpbwc-1701703112-0-AR4PwQ8aMiPgEWd7KMCeffKO4dcZXFR8ERi6k3yXFiIRCXFiiqfMVOVDrkECg_EO80jFQMICrrD2jPeLDN9pGawKAz__Kx8lftZhIu0t6VMluDoAsNV7iKHAqrb-LiAbh19J9GWV5QWLF3hTLV-TXS-ShGP8Cp6TXWUSPZcAisLo"}],"group":"cf-csp-endpoint","max_age":86400}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 830505c47e982c18-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/fonts/ 65 KB
66 KB 95ms
50ms Font
binary/octet-stream 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: VC0P2Y18WJB2CWXV
age: 27346
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: q7CvKtmKtm4MWR2Uj09x+pFwnrg9NTddcs7LOfLjCsNfPcFPnJCuUUFhKY0VnMpsUX6yPu+VOYvAwV3py7A6nNTAt0BmdW+5Z34thiUXN70=
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 830505c47e9b2c18-FRA

POST
H2 204 rum Show response
my.americares.org/cdn-cgi/ 0
37 B 25ms
25ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-38029cac0b0868a3----1701703112349
traceparent: 00-7477a9117b52f8bb46c29dd64bf67900-38029cac0b0868a3-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzODAyOWNhYzBiMDg2OGEzIiwidHIiOiI3NDc3YTkxMTdiNTJmOGJiNDZjMjlkZDY0YmY2NzkwMCIsInRpIjoxNzAxNzAzMTEyMzQ5fX0=
content-type: application/json
Referer: https://my.americares.org/give/532076/

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://my.americares.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 830505c43fd0bbf7-FRA

GET
H2 200 controller-e7b9fa2d6dceccc96cca9955ca6d67de.html Show response
js.stripe.com/v3/ Frame 16D4 325 B
717 B 42ms
42ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-e7b9fa2d6dceccc96cca9955ca6d67de.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0fe6cb140b0d937918774de3923f33f9f72bd2d4b67f81481681e3f4bc877294

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 44
cache-control: max-age=60
content-encoding: br
content-length: 190
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 15:18:32 GMT
etag: "e7b9fa2d6dceccc96cca9955ca6d67de"
last-modified: Fri, 01 Dec 2023 21:11:35 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 13
x-content-type-options: nosniff
x-request-id: 4d760609-d55e-4881-bc1b-e5430e99523a
x-served-by: cache-cph2320029-CPH

GET
H2 200 payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html Show response
js.stripe.com/v3/ Frame AA28 408 B
1 KB 41ms
41ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7d369e6849c701145d6512f03f9c331f0812e7cf58bec5636e4b27a92bad0fd8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 237463
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 15:18:32 GMT
etag: "a63f2abb0fc8df536e90a63f72eac1af"
last-modified: Fri, 01 Dec 2023 21:11:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1170
x-content-type-options: nosniff
x-request-id: f523d163-fe15-4245-bceb-bfc589749707
x-served-by: cache-cph2320029-CPH

GET
H2 200 payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html Show response
js.stripe.com/v3/ Frame B556 344 B
1005 B 41ms
41ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ab21af07f580cb2eb29c6ee645a3125bc5b0d8654407dff03fa2058d608c899b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 36
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 15:18:32 GMT
etag: "61e11786da53fce7b0dcadc885bcda3a"
last-modified: Fri, 01 Dec 2023 21:11:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 6e994eca-50bc-401b-9367-cb124ff7c7dc
x-served-by: cache-cph2320029-CPH

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4E1A 631 B
593 B 42ms
42ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 7494852
x-cache: HIT
content-length: 399
x-request-id: 52cbefb2-d3d4-4cb5-9299-ac482c130061
x-served-by: cache-cph2320029-CPH
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 440796

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 82ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 15:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 15:08:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 15:18:32 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 4E1A 0
716 B 777ms
384ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113068260
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113067916
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4E1A 0
715 B 777ms
385ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113068380
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068028
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/ 215 KB
67 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f7d6f6139d786232c30733c242672145a2ed59e41423520f4dc4dc611e2bd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68329
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 03 Dec 2024 14:04:58 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
31 KB 70ms
19ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2319599
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230039-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701703113.600345,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1, 270900

GET
H2 200 shared-1c5ebb03b32609bf5dec7f465c7da89e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 16D4 535 KB
130 KB 45ms
43ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-e7b9fa2d6dceccc96cca9955ca6d67de.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ff9ad129d4e4732cafbb0f11a95e041c124dc51fe6f683b02df59c716573a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-e7b9fa2d6dceccc96cca9955ca6d67de.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 237779
x-cache: HIT
content-length: 132470
x-request-id: 166f59a4-e58e-48d1-853c-b53028bc2e6a
x-served-by: cache-cph2320029-CPH
last-modified: Fri, 01 Dec 2023 21:11:49 GMT
server: Fastly
etag: "43d8a3459737b2db88e329ea1ea712d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42922

GET
H2 200 controller-be8f40742976953a2bf615687f9ff4cc.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 16D4 665 KB
173 KB 48ms
46ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-be8f40742976953a2bf615687f9ff4cc.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-e7b9fa2d6dceccc96cca9955ca6d67de.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8637452df1323df55d5845714534ddf4077e1ecd72f329d86f48c343323eafcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-e7b9fa2d6dceccc96cca9955ca6d67de.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 67165
x-cache: HIT
content-length: 176582
x-request-id: 64c0863f-7ce5-44c0-b6f4-40d6d17a1b34
x-served-by: cache-cph2320029-CPH
last-modified: Fri, 01 Dec 2023 21:11:46 GMT
server: Fastly
etag: "26565182e7bd7d2dd2e825981e1c220d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame AA28 120 KB
37 KB 157ms
81ms Script
application/javascript 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9dc77910233bdd9ab7e1d8c766f0cc899dd4a5ccaf9a9b78de2f8cef80b7599c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-EHHsQWjDEvTCnDBwUqEJYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-EHHsQWjDEvTCnDBwUqEJYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 04 Dec 2023 15:18:32 GMT

GET
H2 200 shared-1c5ebb03b32609bf5dec7f465c7da89e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AA28 535 KB
130 KB 47ms
46ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ff9ad129d4e4732cafbb0f11a95e041c124dc51fe6f683b02df59c716573a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 237779
x-cache: HIT
content-length: 132470
x-request-id: 62bc6cef-5ada-4c3c-a527-4f1444cb15a7
x-served-by: cache-cph2320029-CPH
last-modified: Fri, 01 Dec 2023 21:11:49 GMT
server: Fastly
etag: "43d8a3459737b2db88e329ea1ea712d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42924

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AA28 10 KB
4 KB 42ms
42ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 3534537
x-cache: HIT
content-length: 4272
x-request-id: db01d4c6-1a47-4173-a9b3-4bbcea8658b6
x-served-by: cache-cph2320029-CPH
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18193

GET
H2 200 shared-1c5ebb03b32609bf5dec7f465c7da89e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B556 535 KB
130 KB 46ms
45ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ff9ad129d4e4732cafbb0f11a95e041c124dc51fe6f683b02df59c716573a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 237779
x-cache: HIT
content-length: 132470
x-request-id: 1ec6456e-634d-4013-a8e1-a7080a3a98fc
x-served-by: cache-cph2320029-CPH
last-modified: Fri, 01 Dec 2023 21:11:49 GMT
server: Fastly
etag: "43d8a3459737b2db88e329ea1ea712d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42924

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B556 12 KB
5 KB 46ms
46ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 6559112
x-cache: HIT
content-length: 4877
x-request-id: 992e8b62-627a-4669-a6b6-ec757f1ab0a0
x-served-by: cache-cph2320029-CPH
last-modified: Tue, 19 Sep 2023 17:14:23 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29540

POST
H2 200 csp-report
q.stripe.com/ Frame 16D4 0
716 B 751ms
389ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113068773
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068069
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AA28 0
715 B 760ms
398ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113068850
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068050
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AA28 0
716 B 753ms
391ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113068544
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068267
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B556 0
715 B 772ms
411ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113068803
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068142
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B556 0
717 B 773ms
412ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113069884
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068844
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 22F1 930 B
2 KB 108ms
28ms Document
text/html 2600:9000:25e8:5400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:5400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 15:18:28 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 0ce4e0ab92519d33ff3c6cca42806b7e.cloudfront.net (CloudFront)
x-amz-cf-id: Y7xfECE36pg7-PSy-7VeCXghufESMvhdzP22ZZ9BXZuBQKOr8D7EUQ==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 98ms
47ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:28:27 GMT
x-content-type-options: nosniff
age: 255005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:28:27 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 76ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:28:27 GMT
x-content-type-options: nosniff
age: 255005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:28:27 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 111ms
59ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 316269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 120ms
68ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 316269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 134ms
83ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 316269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 138ms
86ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 316269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 128ms
76ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 316269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 16D4 474 B
608 B 105ms
35ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

36c0e413d5bca0eb882de8b4ab4f5bc62c995471fd44eb44bbf9d2f9e92443b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-e7b9fa2d6dceccc96cca9955ca6d67de.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 36
x-cache: HIT
content-length: 298
x-request-id: e69a7272-a7ec-4c85-ac7e-87bb002721e6
x-served-by: cache-cph2320058-CPH
last-modified: Fri, 01 Dec 2023 21:48:23 GMT
server: Fastly
etag: "5b88295707e69a22d2f1407565930b00"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 16D4 474 B
369 B 98ms
35ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

36c0e413d5bca0eb882de8b4ab4f5bc62c995471fd44eb44bbf9d2f9e92443b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-e7b9fa2d6dceccc96cca9955ca6d67de.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 36
x-cache: HIT
content-length: 298
x-request-id: 5497dd1a-440c-44ff-8371-ee5b7a2c4c06
x-served-by: cache-cph2320058-CPH
last-modified: Fri, 01 Dec 2023 21:48:23 GMT
server: Fastly
etag: "5b88295707e69a22d2f1407565930b00"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

POST
H2 200 csp-report
q.stripe.com/ Frame 22F1 0
490 B 584ms
392ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113069185
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1701703113068833
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 22F1 87 KB
14 KB 32ms
32ms Script
text/javascript 2600:9000:25e8:5400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:5400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:14:52 GMT
content-encoding: br
via: 1.1 0ce4e0ab92519d33ff3c6cca42806b7e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 222
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: AMS1-P3
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 40BXFqgeeeVQzc9okrNv1jIu6UT9kkg3ciFWZcMj5ly07PXnzEGY2g==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 8861 19 KB
8 KB 87ms
86ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfaecd6c286dbfcb430844ef4fedc953c47289d244de93483fd154a73ee73a32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K1fWBOFbYBdQkrxjatbO-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-K1fWBOFbYBdQkrxjatbO-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 04 Dec 2023 15:18:32 GMT
expires: Mon, 04 Dec 2023 15:18:32 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 16D4 2 KB
3 KB 366ms
252ms Fetch
application/json 54.76.53.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e02a11031aea78a77717ef74c166049f7dc37006c71e2a31d8529ddf8002f350

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2198
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 22F1 156 B
668 B 603ms
205ms XHR
application/json 34.213.255.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.255.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-255-230.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

afd598f3d01b413a9154d80f2dd5d51fb8824b21a92e26fc976954f8b6f91779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113186378
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701703113185821
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
my.americares.org/sso/ssobuild/js/ 12 KB
5 KB 66ms
66ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-3b2602f7b9921e16----1701703112689
traceparent: 00-598437aaba118012572dedddf9070f00-3b2602f7b9921e16-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzYjI2MDJmN2I5OTIxZTE2IiwidHIiOiI1OTg0MzdhYWJhMTE4MDEyNTcyZGVkZGRmOTA3MGYwMCIsInRpIjoxNzAxNzAzMTEyNjg5fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://my.americares.org/give/532076/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 19:49:10 GMT
cf-bgj: minify
server: cloudflare
age: 2102385
etag: W/"65397136-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 830505c65b30bbf7-FRA
expires: Sat, 09 Nov 2024 07:18:47 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 817ms
405ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386690
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1701703113386159
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 808ms
397ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386428
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113386304
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 794ms
383ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386531
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113386222
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 788ms
378ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386307
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113386172
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 806ms
395ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386509
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113386057
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 794ms
383ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386347
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113385881
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 789ms
379ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113384558
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701703113384133
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 794ms
385ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386540
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113386087
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
271 B 784ms
375ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113383242
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113383062
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 792ms
383ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113384553
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701703113384038
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/am=AAYx/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 8861 159 KB
57 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/am=AAYx/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7ffXq889k7-4798V8Y_yKEWt95A/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16eb7d43fe616edd511703f6e67713a2749a224eb8dbd82e422cb0b643244cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57492
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 17:25:52 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 8861 2 KB
2 KB 128ms
128ms Other
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: my.americares.org
URL: https://my.americares.org/give/532076/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html Show response
js.stripe.com/v3/ Frame 4796 408 B
1 KB 41ms
41ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7d369e6849c701145d6512f03f9c331f0812e7cf58bec5636e4b27a92bad0fd8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 237463
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 15:18:32 GMT
etag: "a63f2abb0fc8df536e90a63f72eac1af"
last-modified: Fri, 01 Dec 2023 21:11:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1171
x-content-type-options: nosniff
x-request-id: 50a0f8a8-d9da-41d3-b04c-113f6d6fcad2
x-served-by: cache-cph2320029-CPH

GET
H2 200 payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html Show response
js.stripe.com/v3/ Frame 290A 344 B
986 B 42ms
42ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ab21af07f580cb2eb29c6ee645a3125bc5b0d8654407dff03fa2058d608c899b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 36
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 15:18:32 GMT
etag: "61e11786da53fce7b0dcadc885bcda3a"
last-modified: Fri, 01 Dec 2023 21:11:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: c3f26f4a-11f8-4324-96a9-fedb4b060ab5
x-served-by: cache-cph2320029-CPH

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 746ms
404ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386818
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701703113386094
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 739ms
397ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386647
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113385982
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 714ms
372ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113384253
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113384082
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 725ms
384ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386219
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113385893
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 722ms
382ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386193
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113386013
access-control-allow-credentials: true
content-length: 0

GET
H2 200 status Show response
my.americares.org/sso/ 90 B
1 KB 424ms
423ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361041589433008460297_1701703112687&_=1701703112688

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b6cab12213170e3e1c95d9140bc969c55946d0f1d26a588db2c70f6c0fa958

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-73c625ae3c57703c----1701703112767
traceparent: 00-ec62cdf5528ec2adc41af522c6f5e300-73c625ae3c57703c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3M2M2MjVhZTNjNTc3MDNjIiwidHIiOiJlYzYyY2RmNTUyOGVjMmFkYzQxYWY1MjJjNmY1ZTMwMCIsInRpIjoxNzAxNzAzMTEyNzY3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://my.americares.org/give/532076/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 830505c6dc03bbf7-FRA
x-xss-protection: 1; mode=block

GET
H3 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 4796 120 KB
35 KB 75ms
75ms Script
application/javascript 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9dc77910233bdd9ab7e1d8c766f0cc899dd4a5ccaf9a9b78de2f8cef80b7599c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UQmGNhlOUBPII33nneLR5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UQmGNhlOUBPII33nneLR5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 04 Dec 2023 15:18:32 GMT

GET
H2 200 shared-1c5ebb03b32609bf5dec7f465c7da89e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4796 535 KB
130 KB 42ms
41ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ff9ad129d4e4732cafbb0f11a95e041c124dc51fe6f683b02df59c716573a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 237780
x-cache: HIT
content-length: 132470
x-request-id: e45eee3d-98d3-4f4c-9582-31077b818eff
x-served-by: cache-cph2320029-CPH
last-modified: Fri, 01 Dec 2023 21:11:49 GMT
server: Fastly
etag: "43d8a3459737b2db88e329ea1ea712d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42925

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4796 10 KB
4 KB 42ms
41ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-a63f2abb0fc8df536e90a63f72eac1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 3534537
x-cache: HIT
content-length: 4272
x-request-id: c05ae081-dabe-4f98-8cd5-412467d766f5
x-served-by: cache-cph2320029-CPH
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18194

GET
H2 200 shared-1c5ebb03b32609bf5dec7f465c7da89e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 290A 535 KB
130 KB 45ms
44ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ff9ad129d4e4732cafbb0f11a95e041c124dc51fe6f683b02df59c716573a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 237780
x-cache: HIT
content-length: 132470
x-request-id: 9d6d9a7e-dc47-4ba9-a659-997313b9fe44
x-served-by: cache-cph2320029-CPH
last-modified: Fri, 01 Dec 2023 21:11:49 GMT
server: Fastly
etag: "43d8a3459737b2db88e329ea1ea712d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42926

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 290A 12 KB
5 KB 45ms
45ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-61e11786da53fce7b0dcadc885bcda3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 15:18:32 GMT
via: 1.1 varnish
age: 6559112
x-cache: HIT
content-length: 4877
x-request-id: 3fda8791-c818-4a36-b651-79ee36472755
x-served-by: cache-cph2320029-CPH
last-modified: Tue, 19 Sep 2023 17:14:23 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29541

POST
H2 200 csp-report
q.stripe.com/ Frame 4796 0
715 B 386ms
386ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113069541
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113069015
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4796 0
716 B 373ms
373ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113069229
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068859
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 290A 0
717 B 371ms
371ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113069443
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068898
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 290A 0
715 B 385ms
385ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/532076/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113069522
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701703113068932
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame 8861 73 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6yEG8Cs.L.B1.O/am=AAYx/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhHc2sqF-iHXAI7pTMdYX9O0irEAg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/am=AAYx/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7ffXq889k7-4798V8Y_yKEWt95A/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b5f4d378302fc631fae49d3817ca8d3448fba2da981c2a4c33530b8e1a83bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27203
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:37:36 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 8861 1 MB
375 KB 89ms
89ms XHR
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0df235913efdeda0005152b8f2c6a7831223e320f7d3dd1d5ecd47e59191f400

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-AzofCOu0kOF89Gl_zTuAcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:32 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-AzofCOu0kOF89Gl_zTuAcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 04 Dec 2023 15:18:32 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame 8861 9 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6yEG8Cs.L.B1.O/am=AAYx/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhHc2sqF-iHXAI7pTMdYX9O0irEAg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28744f56e8bf375547120d51ae4bf8a315a04baa68b94380898a6dea9b06e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 18:57:16 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame 8861 37 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6yEG8Cs.L.B1.O/am=AAYx/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhHc2sqF-iHXAI7pTMdYX9O0irEAg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db1a61d185002f0e04219e76090f24a311973c9b9ca62fcc540b164c9a07907c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14286
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:45:08 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8861 131 B
155 B 122ms
79ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
53ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:32 GMT
expires: Mon, 04 Dec 2023 15:18:32 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8861 131 B
155 B 134ms
91ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
53ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:32 GMT
expires: Mon, 04 Dec 2023 15:18:32 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8861 131 B
155 B 133ms
90ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
54ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:32 GMT
expires: Mon, 04 Dec 2023 15:18:32 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8861 131 B
155 B 120ms
78ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
54ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:32 GMT
expires: Mon, 04 Dec 2023 15:18:32 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8861 131 B
155 B 123ms
80ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 100ms
54ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:32 GMT
expires: Mon, 04 Dec 2023 15:18:32 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8861 131 B
155 B 119ms
77ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 99ms
55ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:32 GMT
expires: Mon, 04 Dec 2023 15:18:32 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 620ms
396ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386114
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701703113385953
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 628ms
404ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386264
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701703113385883
access-control-allow-credentials: true
content-length: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 1A15 19 KB
7 KB 84ms
84ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e748ed60240dd80e8e1235f3560480bb2fc0bbf1b61cde7e8c7f8182136a449

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-i2Cqrl3QDGtrGobTkLaCFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-i2Cqrl3QDGtrGobTkLaCFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 04 Dec 2023 15:18:32 GMT
expires: Mon, 04 Dec 2023 15:18:32 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 595ms
396ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386440
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113386035
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 502ms
382ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386254
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113385793
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 524ms
405ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386552
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1701703113385836
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 510ms
395ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386566
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113386090
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 491ms
376ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113384342
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113384103
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/am=AAYx/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 1A15 159 KB
56 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16eb7d43fe616edd511703f6e67713a2749a224eb8dbd82e422cb0b643244cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57492
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 17:25:52 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 510ms
397ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386277
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113385820
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
my.americares.org/static/global/images/digitalWallets/ 3 KB
1 KB 55ms
55ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.americares.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/532076/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:06:14 GMT
server: cloudflare
age: 327500
etag: W/"655e9776-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 830505c84e8fbbf7-FRA
expires: Fri, 29 Nov 2024 20:20:13 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 1A15 2 KB
2 KB 128ms
127ms Other
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: my.americares.org
URL: https://my.americares.org/give/532076/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame 1A15 73 KB
27 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b5f4d378302fc631fae49d3817ca8d3448fba2da981c2a4c33530b8e1a83bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27203
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:37:36 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 1A15 1 MB
375 KB 78ms
78ms XHR
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

836c2ee1d6d4519eea0b81de688e0b8917a2486a28cd4c139bd10270bc45ded2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-19xcTY0YKE7hhs9lFUeHYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-19xcTY0YKE7hhs9lFUeHYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 04 Dec 2023 15:18:33 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame 1A15 9 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6yEG8Cs.L.B1.O/am=AAYx/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhHc2sqF-iHXAI7pTMdYX9O0irEAg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28744f56e8bf375547120d51ae4bf8a315a04baa68b94380898a6dea9b06e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 18:57:16 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame 1A15 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.Rck2pM-8SXs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6yEG8Cs.L.B1.O/am=AAYx/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhHc2sqF-iHXAI7pTMdYX9O0irEAg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db1a61d185002f0e04219e76090f24a311973c9b9ca62fcc540b164c9a07907c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14286
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:45:08 GMT

POST
H3 200 log Show response
play.google.com/ Frame 1A15 131 B
155 B 80ms
79ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 53ms
52ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:33 GMT
expires: Mon, 04 Dec 2023 15:18:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1A15 131 B
155 B 83ms
82ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 52ms
52ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:33 GMT
expires: Mon, 04 Dec 2023 15:18:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1A15 131 B
155 B 81ms
81ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 52ms
52ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:33 GMT
expires: Mon, 04 Dec 2023 15:18:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1A15 131 B
155 B 77ms
77ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 53ms
52ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:33 GMT
expires: Mon, 04 Dec 2023 15:18:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1A15 131 B
155 B 79ms
78ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 52ms
52ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:33 GMT
expires: Mon, 04 Dec 2023 15:18:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 1A15 131 B
155 B 84ms
84ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 15:18:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 15:18:33 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 52ms
52ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 04 Dec 2023 15:18:33 GMT
expires: Mon, 04 Dec 2023 15:18:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
273 B 401ms
384ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386068
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701703113385718
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
271 B 395ms
378ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113386240
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113386090
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 16D4 0
272 B 381ms
373ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1c5ebb03b32609bf5dec7f465c7da89e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
x-stripe-server-envoy-start-time-us: 1701703113383598
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701703113383113
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 22F1 156 B
666 B 199ms
198ms XHR
application/json 34.213.255.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.255.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-255-230.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

afd598f3d01b413a9154d80f2dd5d51fb8824b21a92e26fc976954f8b6f91779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113407424
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701703113407216
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 22F1 156 B
667 B 247ms
247ms XHR
application/json 34.213.255.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.255.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-255-230.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

afd598f3d01b413a9154d80f2dd5d51fb8824b21a92e26fc976954f8b6f91779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:33 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703113457117
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701703113456561
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 22F1 156 B
668 B 202ms
202ms XHR
application/json 34.213.255.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.255.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-255-230.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

afd598f3d01b413a9154d80f2dd5d51fb8824b21a92e26fc976954f8b6f91779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 15:18:36 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701703116757427
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701703116756965
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js
js.stripe.com/v3/fingerprinted/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.americares.org/	1970-01-21 02:17:43	Name: connect.sid Value: s%3AygcfX90ibfc-6RbJsFFHwXggnKJXsLKZ.NU8U8flRdwbZu0IGEy2%2BYcUi7B13az2znvSQrnjlybk
.my.americares.org/	1970-01-20 16:41:44	Name: __cf_bm Value: i_DnKnTYq6dD4woXm0Fr5NTDjV2IXv7uqKFus_xz9lE-1701703110-0-ARXRHmm3lxPE8ABDaRtkY0RkfLh6yoRWgojdkVn2QFSrObegxSbC2lmVyNKNA5qI9KfkszgI7coheT+WXCrKcEk=
.my.americares.org/	1969-12-31 23:59:59	Name: __cfruid Value: 09986f68e3cbcec4249dfc052148c11ab9e35246-1701703110
.my.americares.org/	1969-12-31 23:59:59	Name: _cfuvid Value: jpBP.2HgX7W3lQwSLZXjxJAJuaShu_su9d9dVwwU7aI-1701703110731-0-604800000
.classy.org/	1970-01-20 16:41:44	Name: __cf_bm Value: YlS8yqzyub3v8kM3hgG2oL1_QmtCQTEc2FeH1FT05Is-1701703110-0-AVK3Pc3xfcQHcfJOezNQe9kHyOD54iZYZH7lNHbf68T3AH019aExX2D4rtNPv5jsy155UWmMdZErk8V1lJegfDE=
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: qO.iA.q4C0tCNgqfE0hW.pUu3d5IAxnNRthPRStbcTw-1701703110935-0-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1KGMC0IzATE
.youtube.com/	1970-01-20 21:00:55	Name: VISITOR_INFO1_LIVE Value: O5jOLZdqZ5Q
.google.com/	1970-01-20 21:05:14	Name: NID Value: 511=PlxWgW89ONdQneR6SrCDBj8MRPu6UOS5_NpkPLfad7nWZu5PHxvHGPg2_M6ptM5F2A1gtqQFgUtK9eVRtHdB4j51aXGfz0b1yCxSne6AYD2ykF65Z9-EZz3zQx8KYdlU_YcaI6ac4m8likwM-dlkUc_Af95rfnw81M-eJg6rdf4
my.americares.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: kKUMvuju-pFuwfch8gnAsn9qgjZgIy7j6Nco
widgets.guidestar.org/	1970-01-20 16:51:47	Name: AWSALBCORS Value: ancjaZW1CK3UFWA1f6e8DVlfvSIcJN1fjPLbC1zlahIHPelbcNwKHHwH5iRI+AocpQxsiKISzcmhtPBCoKvLUx7igxYTctY0W2ku+D1sndAPEvB4Yi3WRBpHCoob
www.americares.org/	1970-01-20 16:43:09	Name: _uid Value: CgEADmVt7checAB7FpjjAg==
my.americares.org/	1970-01-20 16:41:44	Name: XSRF-TOKEN Value: eyJpdiI6Ik0wak53M01xUEZ6cHNZZ3RNR2VKSFE9PSIsInZhbHVlIjoiUGpaWU9oakVBc2dXQldTdDlRRndhR0hhcXpFYVZwR0VKUGJ6NW0vR1JwdEJIemY2amIvVWxlaDVLVHBMUHhZRmJVNEUvRWhhRFpRc1J5VC9XdUgyNER5aGZJK3lmTFA0cng2L3d4bU5wU3ByaVZGZG9pSytwOXJTcm1DaDY4NWciLCJtYWMiOiI4MDM2ZjAyMTRiZTE1Njg1MDI2NDQ5ODFlMDE5MjYzYjYwMzY4MDY2MzMzOWJkNTNmMDM0MGJhYzAyMTZjYjE2IiwidGFnIjoiIn0%3D
my.americares.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IndXSnBwbThtdWZlN0s4U1RpbVpFbUE9PSIsInZhbHVlIjoieG9hb0tmaWxtM2Z6cytvckcwTVRRT3J5Z3N2N0VyQzN1eEFTbmR0WGZqam05dlRYWTZ1cHRxcmVaQXZsbWswbXJhNW95N1MzMTduc3ZNTnVlRm5pc0tFVXBCa1h4T3ZZS1hDeXZOSE9IWk02NDh3QWlaQ2ZuNE1YZndTY2ZoeUoiLCJtYWMiOiI2YmIwNzg1YzcxNmFmODkwM2QxYzg0MzBlNzhmNzEwYWZmM2UzN2NkOTA5ZGE0M2Q3ODI3ZWRmYjFjMjk4OGI3IiwidGFnIjoiIn0%3D
m.stripe.com/	1970-01-21 02:17:43	Name: m Value: 126afe9c-b0a8-47b9-8df3-46cad1d1dfa56667ca
.my.americares.org/	1970-01-21 01:27:19	Name: __stripe_mid Value: 7e925ef7-346d-43b5-82f3-d6f47b0b80f7b698d0
.my.americares.org/	1970-01-20 16:41:44	Name: __stripe_sid Value: b6f66b77-a593-4279-af50-bc0b0e750f1a38afe7

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
cdn.plaid.com
cdn.transcend.io
click.hello.americares.org
code.jquery.com
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
htp.tokenex.com
image.hello.americares.org
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
my.americares.org
pay.classy.org
pay.google.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
signforgood.s3.amazonaws.com
static.cloudflareinsights.com
unpkg.com
widgets.guidestar.org
www.americares.org
www.googleadservices.com
www.gstatic.com
www.youtube.com
js.stripe.com
13.110.221.60
142.250.184.226
151.101.128.176
172.67.23.169
18.66.248.104
2600:9000:2304:d000:2:8531:afc0:93a1
2600:9000:25e8:5400:19:7d10:bd80:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:3965
2606:4700::6810:7baf
2606:4700::6812:7c49
2606:4700::6812:c55f
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::5c
2a02:26f0:3100::1735:2ba0
2a04:4e42:400::649
34.213.255.230
34.68.9.145
52.143.247.24
52.217.88.132
54.186.23.98
54.187.159.182
54.76.53.164
061906633f249332d25115dd606fdd22d30006b25cc45039ad67c6d2008814f8
0df235913efdeda0005152b8f2c6a7831223e320f7d3dd1d5ecd47e59191f400
0e748ed60240dd80e8e1235f3560480bb2fc0bbf1b61cde7e8c7f8182136a449
0fe6cb140b0d937918774de3923f33f9f72bd2d4b67f81481681e3f4bc877294
105008deb18d854491560f2991e2e9778be8d62cd007d7682d29ebb2db4283f5
10c69f37683176e14cdfd37a130eebca6519d3e944e9132085c739fb52e3068c
1398c8bd5eaf7fdc842334bcb429358c73e9dbe785a983b96277c69254c90901
14699735f336f6c852f63359232ce256d1f0c20a1d430cdea3adbb55b809e520
1516ad210805201120410a7aeae15d8e7deea8c672b54e303d5a7b8234f185a4
16b6cab12213170e3e1c95d9140bc969c55946d0f1d26a588db2c70f6c0fa958
16eb7d43fe616edd511703f6e67713a2749a224eb8dbd82e422cb0b643244cb5
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
21c848d60a657f4084ef5968c3466d5c73f0fcbcac905c6fcc7b5acc4d053820
22cedcbd981cbe7498e7d9f64a5ef04a3052f8826b95b3838ade989d9102240d
26bac992b3e8235c5dd52128b69c9951f6c6e5a40b44d60be1ac9d26aa77c102
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
2966630c66048ac91781e66eb10e74e59ac7f39222fdc9c36e65db587e796e95
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36c0e413d5bca0eb882de8b4ab4f5bc62c995471fd44eb44bbf9d2f9e92443b3
3761950f8159320bb209f23d8f2d4cabe130bd774fec107d62a6eec6fb005bb5
3b5f4d378302fc631fae49d3817ca8d3448fba2da981c2a4c33530b8e1a83bd8
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
45e9b59fcd2486c88fd617281b79e2fa27a67600efbd31cc66e2da0958b3b164
48dc407afad3934f710a279a2cc7d152145ba2eb9479d094aa0d6008b0afb231
4a7f98e1c8cf8e554367fff1654188232d247820a3711a02138956c223a2c786
4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
5ddca95eb3270ac7753c4b8becb6372e00c578057d8c9bf3f406fb76860eeb73
5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
63a3548860c583edc719e7265f64c6c7d68cb4661f5f6c8ef107ca94f8977ffc
676b268a7467bcc914111522a6dfb2f677197535e6d352e3bf3f649439498010
6cea1802d8b56ca8838e30f48d870ac055808c836844e13eed0aa0785c4d71ea
6dcb9ea2c438e20571d67b158981a0fc85924e93d84dc49a29bb6bf3d1f1fcc9
78ef91351242065c5e49b2833c002edb964c4f27724ab80490bf9ba0c657ef57
79b3546b5c9e23567e64e596bb5c4a6c9a0ada8b93ac66f6acf3093f6d21ccdb
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7d369e6849c701145d6512f03f9c331f0812e7cf58bec5636e4b27a92bad0fd8
7df2f591cb5998cbf6e24dcb7489cb13cfc5303bb30716bd4e9c7eeda053ea10
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
80f6fe6e347d4b5c4068bc7fe50caef888ac564137e7671e80c0428dc299458d
836c2ee1d6d4519eea0b81de688e0b8917a2486a28cd4c139bd10270bc45ded2
8637452df1323df55d5845714534ddf4077e1ecd72f329d86f48c343323eafcf
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758
8f7d6f6139d786232c30733c242672145a2ed59e41423520f4dc4dc611e2bd8c
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9a39448f831f51739ddb4b65ff0a65e41738a01baee5e4bab3c2acee12d9509f
9ca9d31f3f621954176f2af3955d7b2f691fde115dee35b03fdec5eb889209e6
9dc77910233bdd9ab7e1d8c766f0cc899dd4a5ccaf9a9b78de2f8cef80b7599c
a28744f56e8bf375547120d51ae4bf8a315a04baa68b94380898a6dea9b06e46
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a63f486f5b05184dc0708669c9c1823de00295dd74b090557b77268118ecc0dd
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
aa23f68b3d5c7eed8f0ebfa79457437800fa6d915b50755195217fc6d3d0916d
ab21af07f580cb2eb29c6ee645a3125bc5b0d8654407dff03fa2058d608c899b
afd598f3d01b413a9154d80f2dd5d51fb8824b21a92e26fc976954f8b6f91779
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c4c26dfde09ed6e458fd1d42c13169455ea98d479d85d3242a61cb0d15bdd00f
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfaecd6c286dbfcb430844ef4fedc953c47289d244de93483fd154a73ee73a32
d632cb364f35b40afb5abaca971891e56190d21477f05e4387f34486a02ad571
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
db1a61d185002f0e04219e76090f24a311973c9b9ca62fcc540b164c9a07907c
e02a11031aea78a77717ef74c166049f7dc37006c71e2a31d8529ddf8002f350
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53fe955d2e6fb3c39d77be059b2f538fd609ef793db1d855764c337b7f13f8c
eb5036bad8662eb3aeca1984456f9d3bbc3ad934ef96c6e46f64a86fbae1d5af
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef96eb757139a3f442f1912339d427c4190f8702c7ef62d7878b60e878c6d0ea
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ff9ad129d4e4732cafbb0f11a95e041c124dc51fe6f683b02df59c716573a7d4

my.americares.org Open in urlscan Pro 2606:4700::6812:c55f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

99 %HTTPS

56 %IPv6

18 Domains

29 Subdomains

27 IPs

4 Countries

5405 kBTransfer

15683 kBSize

17 Cookies

10 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

my.americares.org Open in urlscan Pro
2606:4700::6812:c55f Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

99 %
HTTPS

56 %
IPv6

18
Domains

29
Subdomains

27
IPs

4
Countries

5405 kB
Transfer

15683 kB
Size

17
Cookies

173 HTTP transactions
0 data transactions