app.pop4kids.org Open in urlscan Pro
44.206.79.184 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url9657.admin.pop4kids.org/ls/click?upn=qMcka208RPCQm2vjNWzrRufrmYjfWCytZz1nz0O-2FE3KgxDWgSekyS6-2FjyNokjCLtckled0QNw60Cq-2...
Effective URL:
https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Submission: On October 03 via api (October 3rd 2022, 4:26:26 pm UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 11 domains to perform 110 HTTP transactions. The main IP is 44.206.79.184, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.pop4kids.org.
TLS certificate: Issued by Amazon on August 9th 2022. Valid for: a year.

This is the only time app.pop4kids.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.54 167.89.123.54	11377 (SENDGRID) (SENDGRID)
10	44.206.79.184 44.206.79.184	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	18.65.39.29 18.65.39.29	16509 (AMAZON-02) (AMAZON-02)
1	52.217.33.70 52.217.33.70	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
19	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
10	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206e:1000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
25	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	52.89.187.149 52.89.187.149	16509 (AMAZON-02) (AMAZON-02)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	2a04:4e42:600... 2a04:4e42:600::291	54113 (FASTLY) (FASTLY)
110	17

1 167.89.123.54 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net

url9657.admin.pop4kids.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 44.206.79.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-79-184.compute-1.amazonaws.com

app.pop4kids.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 18.65.39.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-29.ams1.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.33.70 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:1000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.187.149 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-187-149.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	stripe.com js.stripe.com — Cisco Umbrella Rank: 2689 q.stripe.com — Cisco Umbrella Rank: 23069 r.stripe.com — Cisco Umbrella Rank: 8728 m.stripe.com — Cisco Umbrella Rank: 2266	807 KB
22	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2628 t.paypal.com — Cisco Umbrella Rank: 3471 c.paypal.com — Cisco Umbrella Rank: 5789 b.stats.paypal.com — Cisco Umbrella Rank: 4844 dub.stats.paypal.com — Cisco Umbrella Rank: 17827 c6.paypal.com — Cisco Umbrella Rank: 7224	398 KB
11	pop4kids.org 1 redirects url9657.admin.pop4kids.org app.pop4kids.org	604 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2261	33 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2869	18 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	85 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	88 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	amazonaws.com s3.amazonaws.com	99 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
110	11

	Domain	Requested by
27	js.stripe.com	app.pop4kids.org js.stripe.com
25	r.stripe.com	js.stripe.com
12	www.paypal.com	app.pop4kids.org www.paypal.com www.paypalobjects.com
10	q.stripe.com	app.pop4kids.org
10	app.pop4kids.org	app.pop4kids.org
5	c.paypal.com	www.paypal.com c.paypal.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com app.pop4kids.org
2	t.paypal.com	app.pop4kids.org
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	cdnjs.cloudflare.com	app.pop4kids.org cdnjs.cloudflare.com
2	www.googletagmanager.com	app.pop4kids.org
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	m.stripe.com	m.stripe.network
1	fonts.gstatic.com	fonts.googleapis.com
1	s3.amazonaws.com	app.pop4kids.org
1	fonts.googleapis.com	app.pop4kids.org
1	url9657.admin.pop4kids.org	1 redirects
110	20

This site contains links to these domains. Also see Links.

Domain
www.pop4kids.org

Subject Issuer	Validity	Valid
pop4kids.org Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-25` - `2023-04-25`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 12 frames:

Primary Page: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Frame ID: 0694A05AAF88949AA9B4A793DA33AF13
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html
Frame ID: D9B50DF6CD040946AB3DCE348E28C6F3
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
Frame ID: EBC9BE7B6EA5911BD54D1858884E185C
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
Frame ID: 213D35AAE05E69EE93C3991626019565
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
Frame ID: F1C35163CA48129DD7051596C731B39E
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-1e02661a8587829bfa8aff26a17a6522.html
Frame ID: BF96E664DBFE2CE86B64E9A57D433399
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 31F45785F2BF55BD3938382EDD1BE685
Requests: 4 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=32&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFIWGktSWJBTkEtajJUX0pBSzR0SU5FY0tDMlhyemlOYWFoYTJHVGlVaEd5WExWNFVha1FtcFdVS01KdVRXaE02Z0pxdllxbk5ybERYNG0mY29tcG9uZW50cz1idXR0b25zIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfeGhkanp0ZnZja3djdHBuemZkdGpld2FpbWNpcXRwIn19&clientID=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&sdkCorrelationID=05553a7b52843&storageID=uid_9f54489afd_mty6mjy6mji&sessionID=uid_a4f844a125_mty6mjy6mji&buttonSessionID=uid_cafe47ea11_mty6mjy6mji&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 3AC50B323B4AB4E89DCF2EC964A7BA5F
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3659C38406EF722B0FF496AA98DAFE52
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 7129207F226182BD5458C0C89FE2CBA6
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: F89AA76DFC3748ACDE18A0AC93D17599
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a4f844a125_mty6mjy6mji&s=SMART_PAYMENT_BUTTONS
Frame ID: 00016270A1116AD22F2FBF60E840C946
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PoP

Page URL History Show full URLs

http://url9657.admin.pop4kids.org/ls/click?upn=qMcka208RPCQm2vjNWzrRufrmYjfWCytZz1nz0O-2FE3KgxDWgSekyS6-2FjyNo... HTTP 302
https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

110
Requests

99 %
HTTPS

41 %
IPv6

11
Domains

20
Subdomains

17
IPs

2
Countries

2183 kB
Transfer

6770 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pop4kids.org/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url9657.admin.pop4kids.org/ls/click?upn=qMcka208RPCQm2vjNWzrRufrmYjfWCytZz1nz0O-2FE3KgxDWgSekyS6-2FjyNokjCLtckled0QNw60Cq-2FeipoqkMR8J8RrSzBt3GxVTJ86N5EofnUMHZe0fj9DTHvFQBDnX3KtR4kJnSzP-2F5YfUi6Zp1w-3D-3D6vbm_ADzr-2FUf0iU9ekAeB4EQg13WfZxfd6qQ7FGSl-2BOt52zWF6zpqsz-2BsVG2L8em56D-2F-2FpOj8n1A8Rkx969YqrmFhU5wltjWi0C2mKyXfTFgFcYZOZTXjwAOSGMg6VD-2F-2BCzg6fRi3y-2Fj6jKpzMi6RSwescLPkGSHdw78SSLzNxCnpOFMuhYgdXOKIYy5VRhsnmUFA-2ByD-2F7B7AmN-2F5a14boNk4UUhbRMNJexHUXJ0rWWnSESNj2qmACBCXoq4Ri-2BNLPGJugQv4Tjhdx-2B5Z7ub8BgzITw-3D-3D HTTP 302
https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://b.stats.paypal.com/v2/counter.cgi?p=uid_a4f844a125_mty6mjy6mji&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a4f844a125_mty6mjy6mji&s=SMART_PAYMENT_BUTTONS

110 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1si4iot2 Show response
app.pop4kids.org/westviewms80503/donations/new/
Redirect Chain

http://url9657.admin.pop4kids.org/ls/click?upn=qMcka208RPCQm2vjNWzrRufrmYjfWCytZz1nz0O-2FE3KgxDWgSekyS6-2FjyNokjCLtckled0QNw60Cq-2FeipoqkMR8J8RrSzBt3GxVTJ86N5EofnUMHZe0fj9DTHvFQBDnX3KtR4kJnSzP-2F5Y...
https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

9 KB
9 KB

508ms
246ms

Document
text/html

44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-206-79-184.compute-1.amazonaws.com

Software

Resource Hash

c13fd35dc07e691e628ef64b5abb8f9b2d18b95856a56667ce09d572cf1dfc20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 16:26:20 GMT
etag: W/"c13fd35dc07e691e628ef64b5abb8f9b"
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ddb47594-1217-4756-94ca-d5e4f5f32275
x-runtime: 0.137046
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 120
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Oct 2022 16:26:20 GMT
Location: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 106ms
47ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156124387-1

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d34bd3d4d589122c61bacb4bdf406dfe75bc75a88a6c90ae0f94469996b9b3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42377
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 16:00:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 16:26:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 68ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8825dc4d61a2cadba97be1943b3915899749a233d2e719ea734e2ff043a0f421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 16:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 16:16:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 16:26:20 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 56 KB
10 KB 209ms
72ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2124756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10022
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-de0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FEA2MTs6X8p2nDRvoD2lFTpUlw6r8QCoLbAi2ITeNmhrMRdoZtpY9FQWrWKicKFqqHrtiyPKP5%2Bxb2p%2BC4ElN3ABCAmIp%2BPZ9djYRV4s%2BGeWP0C3gr1jfNA17nji11fyRNaQsJ%2BxRHLlCr6MQ6BZSp%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 754709f84b948fc5-FRA
expires: Sat, 23 Sep 2023 16:26:20 GMT

GET
H2 200 application-d721491026da3d5a8dfa08bd8d7abbc52dd3de30fe79d85d6942d900d2ff97e2.css
app.pop4kids.org/assets/ 204 KB
33 KB 116ms
111ms Stylesheet
text/css 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.pop4kids.org/assets/application-d721491026da3d5a8dfa08bd8d7abbc52dd3de30fe79d85d6942d900d2ff97e2.css
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: 80b609d0d05a887c221ebb604d4c42df70af9227da0e553d47025b5024a4d0a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:20 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 33940
vary: Accept-Encoding
content-type: text/css

GET
H2 200 application-ec8cb917183d7e48ba378ac1ba08883400e2789c90480b8f9d025dfe27b24c01.js Show response
app.pop4kids.org/assets/ 200 KB
62 KB 114ms
110ms Script
application/javascript 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.pop4kids.org/assets/application-ec8cb917183d7e48ba378ac1ba08883400e2789c90480b8f9d025dfe27b24c01.js
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: f92825a0e804ca1bb8c2ef557d91d8aaf9d21791f1a3583dfbc3e848efc01bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:20 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 62963
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 application-dd27b1244a8e55891a3c.js Show response
app.pop4kids.org/packs/js/ 1 MB
313 KB 219ms
215ms Script
application/javascript 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.pop4kids.org/packs/js/application-dd27b1244a8e55891a3c.js
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: f89ff8abc730e3ba85d574cf8f3816946d03e8617aeef92995f9f3e7a17089d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:20 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 319577
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 application-bf3fe24b.css
app.pop4kids.org/packs/css/ 853 B
410 B 116ms
112ms Stylesheet
text/css 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.pop4kids.org/packs/css/application-bf3fe24b.css
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: 95f3a4bcd30fa97b9be4695f32c226edad4b3bc8047a63a4fcc2d3c7c81a3817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:20 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 276
vary: Accept-Encoding
content-type: text/css

GET
H2 200 / Show response
js.stripe.com/v3/ 352 KB
85 KB 106ms
30ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

29c19e04c933506896de66eeebf3238a1c418dfa7f73c09237dbd2bbf8098d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:26:01 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 28
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:44:11 GMT
server: Cloudfront
etag: W/"064c6a075d94f4c6932a4f3aa696b02b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: ZtBa0YyN_35Eojv8A-hM10DosC5Wl5kTAA16W-nW3AcYMczb1yh9xw==

GET
H2 200 pop_combo_logo_white-e51afb67e2414adc8e35507b3dda4d44011f3fbbcfe36dd7e3703a7a559b8cfc.png
app.pop4kids.org/assets/logos/ 37 KB
37 KB 119ms
118ms Image
image/png 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.pop4kids.org/assets/logos/pop_combo_logo_white-e51afb67e2414adc8e35507b3dda4d44011f3fbbcfe36dd7e3703a7a559b8cfc.png
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: 28f07b26b860a123578ae68797a12e99414a5a12412d3f48a53784421159862d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 37982
content-type: image/png

GET
H/1.1 200
OK gsec0v4pqdfsfdsxljd3a2hwrljx
s3.amazonaws.com/prod.pop.platform-attachments.bucket/ 99 KB
99 KB 420ms
202ms Image
image/png 52.217.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/prod.pop.platform-attachments.bucket/gsec0v4pqdfsfdsxljd3a2hwrljx?response-content-disposition=inline%3B%20filename%3D%22blob%22%3B%20filename%2A%3DUTF-8%27%27blob&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIARFQZYY6VV2WXQYEI%2F20221003%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221003T162620Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEOz%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIAlPkTnX9uMD0n%2BD7uyTmsPz2Pax2aIG0Z4GSpHR7v2AAiEAvaCOnvI%2FxRvzBju5yQ8k3MrVpWBxovfRPcI42xproekq1gQIpf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARADGgwwODA1ODQ2ODk1NzkiDNorEwOT5xhBOxHVJCqqBPsI6Lyb%2Bybn7%2FwPdLFaHGZZ9WOxtk1Y4MGAd5J6RPRbVNU9VT4fjB4D883A%2BNo4WgdOLSZJ9B%2FBLBJa7%2F8k2AfIJlLmXSAOFHzFsU7NRBFWHhjaGi6MgjqPWb4G29uVPNlBE%2BeiXooy1yoteNLyiuT22OXBHGCQOwtgER3ZXuFZBGGpE7aL4Mg9P3GoU2feNMTqSBxsi4UEWji2zBFyMmktpg%2FhXwFcgd9Cdkkl6Smv1cn3fdPelTkvVGGlZx5F6D%2Bc2vzL6lb8IZ0DzLneBFISYROsE5QisPnT6EWtPpZtImjgpAIovfH5h2T5CNLq1y0ZoU53CmxM%2BYhv8lc%2Fr8Y9%2BeZFNL7Uv2KQbo9Q1n4piBL04CxcPdA3aIRksCr4KvHYkelrZIk0BICnO4X4qxlo%2FQhIpJ7wwqRBC3R5C9JjcQJ0zKbxSF9rkgGAmx7FD6oXBnPmEZpFI54kMt80CRuFx5%2BvLsxBnB4P%2BQrCzCarYU4XI%2B70XkvtDA65TN7AoRcVX2EooXklAbUclI%2BPL%2FJcWLO59eENf%2FqLflxCPQTnxlEBjRGX2rIKPE4OlNWHKjfAyEbQdP3TLWROIxNrI6Kz9YZBhksGnihQzMNb0XB0Pt3VUGgvHS9Eabx4mYFtY%2F8OuhfuoBdBWoB1x6vrbw4%2BYhihWG2taqSg4YDWxl3HyAKdbgR9esQ7xiFdj1hkmi3%2B8YeHbDht8PkZwinHyOYh1vQdT%2Bu9%2BZEnMPeZ65kGOqkBd204b2epOb3Je9og7gkqbCs5wMNvh3ZwLJCGctgHcb%2BcLI0Fi9jZN4AMyCkdGyv%2FiVYxl3Pcyy1n1dd6GiofK%2FMVCgFrZ%2FiXEJBJhJgsshlG%2Bce%2BAvFe7WD16aG4f%2F2rw%2F7XE%2Bs%2FjibLks5adChQdPLp3lNihgzBUL5PH%2F4uZI3Lcpyqr3z7MR2ykJttDrPByrwXwL9fxwvbNZaJLYCfG3pTQwiXqUiIHw%3D%3D&X-Amz-Signature=61f84e78b821dd65bac402b186cb560440b087dfca905054d5015420d414ac6a
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.33.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88f9b139ebef0f6ab21ffd2ef43520dbb1c350eedf975756909001953195cceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 16:26:22 GMT
Last-Modified: Mon, 26 Sep 2022 23:33:41 GMT
Server: AmazonS3
x-amz-request-id: YDT2B6FD83R1C0V3
ETag: "877361d8785340c12569552653406c27"
Content-Type: image/png
Content-Disposition: inline; filename="blob"; filename*=UTF-8''blob
Accept-Ranges: bytes
Content-Length: 101113
x-amz-id-2: OFlJBN3ucSW7gkBLKROm+smAhFhTJFjikvr7fuiKjCWIoR+m+mljwjAxBo7FLD5CfBenFnVUrF8=

GET
H2 200 loading-29a4b1e78d3fe6088d4dff2ec7061be2a3ce5b1d26d68c503436486ab0e6019c.svg
app.pop4kids.org/assets/ 2 KB
2 KB 114ms
113ms Image
image/svg+xml 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.pop4kids.org/assets/loading-29a4b1e78d3fe6088d4dff2ec7061be2a3ce5b1d26d68c503436486ab0e6019c.svg
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: da039861390e3df800b9a061b194831e99add8454ef4c8e8ca3c5f29c8f6a8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 2402
content-type: image/svg+xml

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
46 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PR3M2Z3

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bce3d6703d2c9a93a6408c8f5ef1dfce63c54893a600a42efa5954ce589016a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47208
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 16:00:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 16:26:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156124387-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 15:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 17:15:57 GMT

GET
H2 200 girl_jumping-973d6d544d6d20148c2f13b7b96017f478fe20201cc6b2d5f78638b338582ead.png
app.pop4kids.org/assets/signin/ 90 KB
90 KB 111ms
111ms Image
image/png 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.pop4kids.org/assets/signin/girl_jumping-973d6d544d6d20148c2f13b7b96017f478fe20201cc6b2d5f78638b338582ead.png
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/assets/application-d721491026da3d5a8dfa08bd8d7abbc52dd3de30fe79d85d6942d900d2ff97e2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: 1d2ee6d7fcec4cdc4095891c3b13f7969476396552b3f48bfefffb1e17a31701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/assets/application-d721491026da3d5a8dfa08bd8d7abbc52dd3de30fe79d85d6942d900d2ff97e2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 91909
content-type: image/png

GET
H2 200 man_jumping-4e6136b3b2addb6e9b2f8f08fabb26a75527f3b1f4683c9142c9d640befea493.png
app.pop4kids.org/assets/signin/ 47 KB
47 KB 111ms
110ms Image
image/png 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.pop4kids.org/assets/signin/man_jumping-4e6136b3b2addb6e9b2f8f08fabb26a75527f3b1f4683c9142c9d640befea493.png
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/assets/application-d721491026da3d5a8dfa08bd8d7abbc52dd3de30fe79d85d6942d900d2ff97e2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: 9d909965200346989dc8e7681e8049ac04b1159c4d910fe9aa10600ac59bccc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/assets/application-d721491026da3d5a8dfa08bd8d7abbc52dd3de30fe79d85d6942d900d2ff97e2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 48271
content-type: image/png

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 62ms
23ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.pop4kids.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 392521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 03:24:20 GMT

GET
H2 200 controller-7b7be4952e29571eed1851f2037396fe.html Show response
js.stripe.com/v3/ Frame D9B5 297 B
1 KB 24ms
23ms Document
text/html 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8471bc9d035c242effa34a69e92e6cfa1b38b4538a6f5bc184db22f9801fb168

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pop4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 47
cache-control: max-age=60
content-length: 297
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 16:25:38 GMT
etag: "7b7be4952e29571eed1851f2037396fe"
last-modified: Fri, 30 Sep 2022 23:21:11 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-id: i2kmfXmsgvd4jFF3GiNYdbamqrTtxbHaimj5EqxsX5BPgLtEYN-0LQ==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
75 KB 52ms
30ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin: https://app.pop4kids.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2379744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75728
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7w36bFTuFM0S%2Fqh937T%2FxTnxTLWibemOgNQg0e1cdY0bt6TFfZ4uoZS2UtCAepnV3X%2FBdzGRXUr%2B3m0t323DlzEO6RexrFTsCrt%2BsdV%2BFq5FegU9Nwxg7BaGqLro8VksaELwJSyS6f53n5guVE2BgKO"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 754709fb5898bb53-FRA
expires: Sat, 23 Sep 2023 16:26:21 GMT

GET
H2 200 elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html Show response
js.stripe.com/v3/ Frame EBC9 756 B
2 KB 23ms
23ms Document
text/html 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

00ac2a02fca3f02d45f5f32ac98e025b188f21921990c161901ba1afb725abfb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pop4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3140
cache-control: max-age=31536000
content-length: 756
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 15:34:17 GMT
etag: "48778c287c5af95ea8fab8979c7c4d9b"
last-modified: Fri, 30 Sep 2022 23:21:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-id: E7n2GQfm89dOhuz1Rzw1cz51AtLO0nGxkuQy-Heb5dT5n7IJjcrhjg==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html Show response
js.stripe.com/v3/ Frame 213D 756 B
2 KB 23ms
22ms Document
text/html 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

00ac2a02fca3f02d45f5f32ac98e025b188f21921990c161901ba1afb725abfb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pop4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3140
cache-control: max-age=31536000
content-length: 756
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 15:34:17 GMT
etag: "48778c287c5af95ea8fab8979c7c4d9b"
last-modified: Fri, 30 Sep 2022 23:21:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-id: AnLU_ev7ErawOSnSFyYw_cmmBtxWdEuiz94QrT5eAoajeefAXhR3qQ==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html Show response
js.stripe.com/v3/ Frame F1C3 756 B
2 KB 22ms
22ms Document
text/html 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

00ac2a02fca3f02d45f5f32ac98e025b188f21921990c161901ba1afb725abfb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pop4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3140
cache-control: max-age=31536000
content-length: 756
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 15:34:17 GMT
etag: "48778c287c5af95ea8fab8979c7c4d9b"
last-modified: Fri, 30 Sep 2022 23:21:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-id: 8Hgu0C-kOlcF4l3Xve3oXcJXU2MT6mi9YKhiIQipXY8FMT6y3Yfjhg==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 js Show response
www.paypal.com/sdk/ 337 KB
104 KB 562ms
501ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&components=buttons

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/packs/js/application-dd27b1244a8e55891a3c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD4) /

Resource Hash

8f61c68a7a3e7240f5c65d85c0b6499ffb3cfd954f0825f8ca81d53d7449856e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-YQgSKPaHHUYgA5jUAgd7j1oDV4OktHrM+5jMagtOKHic5EXm' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-YQgSKPaHHUYgA5jUAgd7j1oDV4OktHrM+5jMagtOKHic5EXm' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-YQgSKPaHHUYgA5jUAgd7j1oDV4OktHrM+5jMagtOKHic5EXm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-YQgSKPaHHUYgA5jUAgd7j1oDV4OktHrM+5jMagtOKHic5EXm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 0a0983b166a28
server-timing: traceparent;desc="00-00000000000000000000a0983b166a28-edf3a1ff85e34253-01", content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=485
dc: ccg11-origin-www-1.paypal.com
content-length: 104681
x-xss-protection: 1; mode=block
server: ECAcc (frc/4CD4)
traceparent: 00-00000000000000000000a0983b166a28-f9d242cb8bd7c725-01
etag: W/"198e9-eugzzCOvD7XQhXef25gHAoPdPos"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
timing-allow-origin: *

GET
H2 200 cards-accepted-f05d9c6d628e07d98a6187c125449fe9781982e830996cfd352b51c4a390af44.jpg
app.pop4kids.org/assets/ 9 KB
10 KB 107ms
107ms Image
image/jpeg 44.206.79.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.pop4kids.org/assets/cards-accepted-f05d9c6d628e07d98a6187c125449fe9781982e830996cfd352b51c4a390af44.jpg
Requested by: Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.79.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-79-184.compute-1.amazonaws.com
Software: /
Resource Hash: d72dff41056af25325e375876201bbf13f59c13b832fb27f7af4e25e9490c1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
last-modified: Thu, 29 Sep 2022 22:08:26 GMT
content-length: 9629
content-type: image/jpeg

GET
H2 200 m-outer-1e02661a8587829bfa8aff26a17a6522.html Show response
js.stripe.com/v3/ Frame BF96 186 B
1 KB 22ms
22ms Document
text/html 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-1e02661a8587829bfa8aff26a17a6522.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39f73289f084687849630a1dd9997cc6fe9630f9f0f01789aa04ac4b452385c4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pop4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3471
cache-control: max-age=31536000
content-length: 186
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 16:16:37 GMT
etag: "1e02661a8587829bfa8aff26a17a6522"
last-modified: Fri, 30 Sep 2022 23:21:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-id: 2J91A_1_6WTBeGo5Bc8G5TscVJ8YSoNGH16en1tCrC_x0djD3vMoiQ==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame D9B5 0
570 B 744ms
350ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-353861413965d87fec4715b9e61cca44.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D9B5 313 KB
77 KB 25ms
23ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b5140ed3c970642ead3e1e5381b3e63aea9b4b6e99f90a06cda51965588635e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:16:40 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 588
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:23 GMT
server: Cloudfront
etag: W/"25b9d50789c7f2a4c3361c7d28aef3f1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vCQAihtOefFxV-rq1scFFV8rJwvAY886-Q8zIYbxTpvebTtM3Ar9dw==

GET
H2 200 controller-8547c986f91178e522cad688d0c60d4b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D9B5 366 KB
100 KB 31ms
30ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-8547c986f91178e522cad688d0c60d4b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3e72d191ff5ce884a886e10287834348cfd7b344daf0767045ad29763436b5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:16:40 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 588
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:19 GMT
server: Cloudfront
etag: W/"0bea75b30e5d265dc005aa124b654ff3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WIWa7R_wCQr8MCqHvFfiXCksPEQ7wvuwybas8cg3354uwHO5mYo_WA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 56ms
23ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=819164956&t=pageview&_s=1&dl=https%3A%2F%2Fapp.pop4kids.org%2Fwestviewms80503%2Fdonations%2Fnew%2F1si4iot2%3Fmethod%3Demail%26request%3Dp2zn2pmp&ul=en-us&de=UTF-8&dt=PoP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1812571675&gjid=240440229&cid=1800083406.1664814381&tid=UA-156124387-1&_gid=1439244943.1664814381&_r=1&gtm=2ou9s0&z=958107121

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pop4kids.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 16:26:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.pop4kids.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame EBC9 0
570 B 731ms
351ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EBC9 0
571 B 729ms
349ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame EBC9 19 KB
4 KB 35ms
34ms Stylesheet
text/css 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 55
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:12 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UfNZVFDS0uCfmgV-2pTVNobo7dQbxfi05z4x373XpuplsGEI-uEPuA==

GET
H2 200 elements-inner-card-0349ec974b2b1f26950cb84d94991679.css
js.stripe.com/v3/fingerprinted/css/ Frame EBC9 5 KB
2 KB 35ms
34ms Stylesheet
text/css 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-0349ec974b2b1f26950cb84d94991679.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e85ee1afb5bf6c2d7763e7f00700f568592ecb6167ad9fd5e86fa5d33e2ba83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 80
x-cache: Hit from cloudfront
last-modified: Thu, 22 Sep 2022 18:13:11 GMT
server: Cloudfront
etag: W/"462345085048f256c766334eaee7e376"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Cuk5jG6q8a0rmt88HOrx1JqeShiGtkUW2qxYjZdq5TtL6_c4izfhzA==

GET
H2 200 shared-353861413965d87fec4715b9e61cca44.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EBC9 313 KB
77 KB 35ms
34ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b5140ed3c970642ead3e1e5381b3e63aea9b4b6e99f90a06cda51965588635e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:16:40 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 588
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:23 GMT
server: Cloudfront
etag: W/"25b9d50789c7f2a4c3361c7d28aef3f1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: EOzUQHKQ8UJbhu8PqbWDPDMGBFp6Ls5JvcnQrHzV8t7F6n6O4U-1pA==

GET
H2 200 ui-shared-8288c7ff63b12ca78051f2b371766e71.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EBC9 210 KB
64 KB 40ms
39ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8288c7ff63b12ca78051f2b371766e71.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

66b99b949c6294f8a68f959968606914ec331cf3d8e7f3940389facd3e4ec980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 149
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:23 GMT
server: Cloudfront
etag: W/"4ec6679408aeee7ee59ce8f6db5b5664"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KDE3htVef9gJ3H2bxSW9INLu52whxOP-hTVcOSyA_e4s0NaRKEdQOg==

GET
H2 200 elements-inner-card-9f39cebbdfd087029f1c96d7183ea528.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EBC9 48 KB
13 KB 42ms
42ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-9f39cebbdfd087029f1c96d7183ea528.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c0f4d45b190c61c1fff0180b947734751a95d412897d86278aacd385672d9773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 148
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:19 GMT
server: Cloudfront
etag: W/"a7699598a85d2e7bc0e9fd4801fc2124"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8tHzien6r_rGvXQ-nFcPW3cRVqFAIVqtEYnoGfmXRSi-sufHvA4AxA==

POST
H2 200 csp-report
q.stripe.com/ Frame 213D 0
570 B 724ms
351ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 213D 0
570 B 723ms
350ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame 213D 19 KB
4 KB 36ms
35ms Stylesheet
text/css 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 55
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:12 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: GcdTGHg16h6tViO7W2ldoIsEOsjXRaxVo9VzWdJZ9-gxb767-nnAHA==

GET
H2 200 elements-inner-card-0349ec974b2b1f26950cb84d94991679.css
js.stripe.com/v3/fingerprinted/css/ Frame 213D 5 KB
2 KB 37ms
36ms Stylesheet
text/css 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-0349ec974b2b1f26950cb84d94991679.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e85ee1afb5bf6c2d7763e7f00700f568592ecb6167ad9fd5e86fa5d33e2ba83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 80
x-cache: Hit from cloudfront
last-modified: Thu, 22 Sep 2022 18:13:11 GMT
server: Cloudfront
etag: W/"462345085048f256c766334eaee7e376"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _bcAz02lpSOmWz5XN1eQ0O_os2sjbcyuby5KQWVipt5nzOzAJEtKdA==

GET
H2 200 shared-353861413965d87fec4715b9e61cca44.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 213D 313 KB
77 KB 37ms
36ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b5140ed3c970642ead3e1e5381b3e63aea9b4b6e99f90a06cda51965588635e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:16:40 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 588
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:23 GMT
server: Cloudfront
etag: W/"25b9d50789c7f2a4c3361c7d28aef3f1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: GZMtgtWq5CMSLZz7zCRGBbnaz7FOQ4xr-mzcPyXzvH6uAHvHbYIVyg==

GET
H2 200 ui-shared-8288c7ff63b12ca78051f2b371766e71.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 213D 210 KB
64 KB 46ms
45ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8288c7ff63b12ca78051f2b371766e71.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

66b99b949c6294f8a68f959968606914ec331cf3d8e7f3940389facd3e4ec980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 149
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:23 GMT
server: Cloudfront
etag: W/"4ec6679408aeee7ee59ce8f6db5b5664"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: uK7uBfDrO1iOWg86-5efDinZEPeidZuPbLyNaw_8rW8uEFfx70Sfeg==

GET
H2 200 elements-inner-card-9f39cebbdfd087029f1c96d7183ea528.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 213D 48 KB
13 KB 48ms
48ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-9f39cebbdfd087029f1c96d7183ea528.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c0f4d45b190c61c1fff0180b947734751a95d412897d86278aacd385672d9773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 148
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:19 GMT
server: Cloudfront
etag: W/"a7699598a85d2e7bc0e9fd4801fc2124"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ztGYytVdg1toKj5LCMUPGgwhOPaPC-7BPfML3CdDPX7ZmNHXNJAAOA==

POST
H2 200 csp-report
q.stripe.com/ Frame F1C3 0
570 B 721ms
352ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F1C3 0
570 B 723ms
355ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame F1C3 19 KB
4 KB 45ms
44ms Stylesheet
text/css 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 55
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:12 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: nGL0YQSXQNnGy7SKG12YJyhaJBhPB0zL9LZgIBRvetrwDr0vlLS18A==

GET
H2 200 elements-inner-card-0349ec974b2b1f26950cb84d94991679.css
js.stripe.com/v3/fingerprinted/css/ Frame F1C3 5 KB
2 KB 46ms
44ms Stylesheet
text/css 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-0349ec974b2b1f26950cb84d94991679.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e85ee1afb5bf6c2d7763e7f00700f568592ecb6167ad9fd5e86fa5d33e2ba83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 80
x-cache: Hit from cloudfront
last-modified: Thu, 22 Sep 2022 18:13:11 GMT
server: Cloudfront
etag: W/"462345085048f256c766334eaee7e376"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: CSbKyOdEyk0hMS_Xc22FTwKrIBDeSUme4Wu8ykiH_Qal4JGU7o1qDw==

GET
H2 200 shared-353861413965d87fec4715b9e61cca44.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F1C3 313 KB
77 KB 49ms
48ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b5140ed3c970642ead3e1e5381b3e63aea9b4b6e99f90a06cda51965588635e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:16:40 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 588
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:23 GMT
server: Cloudfront
etag: W/"25b9d50789c7f2a4c3361c7d28aef3f1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: dnL-WecFpDRyRg-J9My8ua9KHGWLJlfch4wQ0gMKkRmC2doSnyTlSg==

GET
H2 200 ui-shared-8288c7ff63b12ca78051f2b371766e71.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F1C3 210 KB
64 KB 46ms
45ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8288c7ff63b12ca78051f2b371766e71.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

66b99b949c6294f8a68f959968606914ec331cf3d8e7f3940389facd3e4ec980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 149
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:23 GMT
server: Cloudfront
etag: W/"4ec6679408aeee7ee59ce8f6db5b5664"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: z6G1ZMiof6Z-EPMGaC3hpRi09ovrvMsAyNEoLUgSGwGYRCc4Dk-bMg==

GET
H2 200 elements-inner-card-9f39cebbdfd087029f1c96d7183ea528.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F1C3 48 KB
13 KB 48ms
47ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-9f39cebbdfd087029f1c96d7183ea528.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c0f4d45b190c61c1fff0180b947734751a95d412897d86278aacd385672d9773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-48778c287c5af95ea8fab8979c7c4d9b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:25:54 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 148
x-cache: Hit from cloudfront
last-modified: Fri, 30 Sep 2022 23:21:19 GMT
server: Cloudfront
etag: W/"a7699598a85d2e7bc0e9fd4801fc2124"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XDVoZbyEnTq1RSJpi1u49FIRzz2jv-7zWMPWYU-EHf_4aID8mTifrg==

POST
H2 200 csp-report
q.stripe.com/ Frame BF96 0
570 B 717ms
351ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BF96 0
570 B 717ms
352ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-945f047da5e8ad2631328de22d68a395.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BF96 526 B
1 KB 46ms
45ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-945f047da5e8ad2631328de22d68a395.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-1e02661a8587829bfa8aff26a17a6522.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-1e02661a8587829bfa8aff26a17a6522.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 03 Oct 2022 16:16:37 GMT
x-content-type-options: nosniff
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 2262
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 30 Sep 2022 23:21:22 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: sCpOcBVBqZuCGuOqb-P1fyNmC3U_q7cekDlJnt1bEVPDFROdzROz2g==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 25ms
24ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=819164956&t=pageview&_s=1&dl=https%3A%2F%2Fapp.pop4kids.org%2Fwestviewms80503%2Fdonations%2Fnew%2F1si4iot2%3Fmethod%3Demail%26request%3Dp2zn2pmp&ul=en-us&de=UTF-8&dt=PoP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1599546210&gjid=959493933&cid=1800083406.1664814381&tid=UA-156124387-1&_gid=1439244943.1664814381&_r=1&gtm=2wg9s0PR3M2Z3&z=791897387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pop4kids.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 16:26:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.pop4kids.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=819164956&t=event&ni=0&_s=1&dl=https%3A%2F%2Fapp.pop4kids.org%2Fwestviewms80503%2Fdonations%2Fnew%2F1si4iot2%3Fmethod%3Demail%26request%3Dp2zn2pmp&ul=en-us&de=UTF-8&dt=PoP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Custom%20Page%20View&ea=Custom%20Page%20View%20Action&el=app.pop4kids.org&ev=0&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=1800083406.1664814381&tid=UA-156124387-1&_gid=1439244943.1664814381&gtm=2wg9s0PR3M2Z3&z=1063761314

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 21:09:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69400
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=819164956&t=event&ni=0&_s=1&dl=https%3A%2F%2Fapp.pop4kids.org%2Fwestviewms80503%2Fdonations%2Fnew%2F1si4iot2%3Fmethod%3Demail%26request%3Dp2zn2pmp&ul=en-us&de=UTF-8&dt=PoP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Full%20URL%20Page%20View&ea=Custom%20Page%20URL&el=https%3A%2F%2Fapp.pop4kids.org%2Fwestviewms80503%2Fdonations%2Fnew%2F1si4iot2%3Fmethod%3Demail%26request%3Dp2zn2pmp&ev=0&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=1800083406.1664814381&tid=UA-156124387-1&_gid=1439244943.1664814381&gtm=2wg9s0PR3M2Z3&z=1165177037

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 21:09:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69400
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D9B5 231 KB
48 KB 24ms
23ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-8547c986f91178e522cad688d0c60d4b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 15:57:18 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 1757
x-cache: Hit from cloudfront
last-modified: Thu, 15 Sep 2022 21:19:54 GMT
server: Cloudfront
etag: W/"ab675b71d19378124fcdf3c0f6dad353"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _7OK8cBBHVJv9D7D2UZS4LyFZppKebcVfkdezLw3G0y4XyMurST7LA==

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D9B5 2 KB
1 KB 23ms
23ms Script
text/javascript 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-8547c986f91178e522cad688d0c60d4b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-29.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:06:23 GMT
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 1237
x-cache: Hit from cloudfront
last-modified: Fri, 16 Sep 2022 17:52:57 GMT
server: Cloudfront
etag: W/"f1717e2e478c68d16ccd7b37768700be"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: d7D7T-CAEQErYt1IGL8nPwVDo6mooh5wOCxoYMogZAde40ZUhQxc5Q==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D9B5 474 B
864 B 69ms
23ms Fetch
application/json 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-29.ams1.r.cloudfront.net
Software: Cloudfront /
Resource Hash: b0c6a5ef5c37bf0f3ca90ed539fe754970fce8111f53a05d3f3cd19d7a1ad12c

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-7b7be4952e29571eed1851f2037396fe.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Oct 2022 16:26:21 GMT
via: 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 23:44:12 GMT
server: Cloudfront
x-amz-cf-pop: AMS1-P1
age: 11
etag: "1c49d2b19f7596b380dfbbed20737b7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: XBVlekQpHte1feDF7LtroetQtcXnHGUrfAslyaO77mmM7K5oOW1ZJQ==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 31F4 930 B
2 KB 272ms
29ms Document
text/html 2600:9000:206e:1000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-945f047da5e8ad2631328de22d68a395.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:1000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 113
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 16:24:29 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
x-amz-cf-id: 5pSw6wAhgO3-ENsYNonjYzc0Bs1HCoPVZST1yeU1WcuiPJY4QEXoAA==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 742ms
344ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
128 B 741ms
343ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 745ms
348ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 745ms
348ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 910ms
513ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 913ms
517ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 911ms
515ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 917ms
522ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 747ms
351ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 918ms
523ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 743ms
349ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 744ms
350ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 741ms
347ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 747ms
353ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 745ms
352ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 747ms
354ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 738ms
346ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 747ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 911ms
519ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 746ms
354ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 746ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 743ms
353ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 742ms
352ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 909ms
520ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 31F4 0
344 B 296ms
296ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 16:26:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 31F4 86 KB
16 KB 32ms
32ms Script
text/javascript 2600:9000:206e:1000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:1000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:23:43 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 161
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 0cxt7zMeCDbSYDTfAAvNLeE63UOLdffeTDz_bCsUZEQ4xvP8Z8DXyQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame 31F4 156 B
522 B 570ms
183ms XHR
application/json 52.89.187.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.187.149 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-187-149.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3fe974c2f40e85ecc188157b7ec3276196d4aa9ad79040db04682b1c9da0db16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 Oct 2022 16:26:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
14 KB 16ms
16ms Script
application/x-javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=app.pop4kids.org&t=xo&v=5.0.334&source=payments_sdk&client_id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&comp=buttons&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&components=buttons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB3) /

Resource Hash

45213d15e0380b3b8d757f8b3e4daba79d2eb2127d6fd15c5cc63149333dfbfe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JpmpHcsteAJYGXEXbxHtwXJWtXWkrnE2DniFhQ6pfwuoA66s' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JpmpHcsteAJYGXEXbxHtwXJWtXWkrnE2DniFhQ6pfwuoA66s' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
date: Mon, 03 Oct 2022 16:26:22 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 39535
x-cache: HIT
paypal-debug-id: 0975161a4a615
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc: ccg11-origin-www-1.paypal.com
content-length: 13653
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Oct 2022 05:27:28 GMT
server: ECAcc (frc/4CB3)
traceparent: 00-00000000000000000000975161a4a615-9122ad332272c33d-01
etag: W/"3555-zQK4JMdFbvqel+cKm+Sd5FklMqk"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 3AC5 404 KB
125 KB 641ms
640ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=32&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFIWGktSWJBTkEtajJUX0pBSzR0SU5FY0tDMlhyemlOYWFoYTJHVGlVaEd5WExWNFVha1FtcFdVS01KdVRXaE02Z0pxdllxbk5ybERYNG0mY29tcG9uZW50cz1idXR0b25zIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfeGhkanp0ZnZja3djdHBuemZkdGpld2FpbWNpcXRwIn19&clientID=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&sdkCorrelationID=05553a7b52843&storageID=uid_9f54489afd_mty6mjy6mji&sessionID=uid_a4f844a125_mty6mjy6mji&buttonSessionID=uid_cafe47ea11_mty6mjy6mji&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&components=buttons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF9) /

Resource Hash

695bcb1ddfdcd6d41bce392681c2fd90e0d972aebb2bc7cee402b9b8b5a20d22

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.pop4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 16:26:22 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64fe5-N8IFFx5Q7A3J14lZ3NfnWu73pe8"
p3p: true
paypal-debug-id: 062209b696628
server: ECAcc (frc/4CF9)
server-timing: traceparent;desc="00-0000000000000000000062209b696628-2cef515af5eca574-01" content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=333
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000062209b696628-61532ca3a8f34b34-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-ec-security-audit: 403
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 3659 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1019 B
2 KB 220ms
219ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&components=buttons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE0) /

Resource Hash

808ee57bf36c8aa5f7c5b263320ed4141aa8f58e2cbe249680cd6ba105430eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://app.pop4kids.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 Oct 2022 16:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0463b495576aa
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=205
dc: ccg11-origin-www-1.paypal.com
content-length: 606
server: ECAcc (frc/4CE0)
traceparent: 00-00000000000000000000463b495576aa-ef7da44cfdb928cc-01
etag: W/"3fb-l6DzJcD2vOyf73dJxCIzgLDd4XE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.pop4kids.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 242ms
193ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE0) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.pop4kids.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://app.pop4kids.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 03 Oct 2022 16:26:22 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 0056032852045
server: ECAcc (frc/4CE0)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=174
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000056032852045-bc50b6832aaf583f-01
x-content-type-options: nosniff

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 221ms
72ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=app.pop4kids.org&t=xo&v=5.0.334&source=payments_sdk&client_id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&comp=buttons&vault=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 84840867de170
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
x-served-by: cache-sjc10024-SJC, cache-hhn4074-HHN
last-modified: Tue, 03 May 2022 17:28:29 GMT
x-timer: S1664814382.315349,VS0,VE0
etag: W/"6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 353228, 155619

GET
H2 200 ts
t.paypal.com/ 42 B
647 B 205ms
191ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AMBYWT4MBFNV3U-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AMBYWT4MBFNV3U-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=69aa135d-0459-42e7-9331-daa46757b695&fltp=analytics&mrid=MBYWT4MBFNV3U&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=PoP&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1664814382101&g=0&completeurl=https%3A%2F%2Fapp.pop4kids.org%2Fwestviewms80503%2Fdonations%2Fnew%2F1si4iot2%3Fmethod%3Demail%26request%3Dp2zn2pmp

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF7) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 16:26:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CF7)
traceparent: 00-0000000000000000000976820d96966c-98467ea8abad04f3-01
content-type: image/gif
paypal-debug-id: 976820d96966c
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=174
timing-allow-origin: *
content-length: 42
expires: Mon, 03 Oct 2022 16:26:22 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 7129 54 KB
17 KB 62ms
61ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pop4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Mon, 03 Oct 2022 16:26:22 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 408887, 165569
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-hhn4074-HHN
x-timer: S1664814382.398339,VS0,VE0

GET
H2 200 ts
t.paypal.com/ 42 B
502 B 178ms
178ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AMBYWT4MBFNV3U-1&page=muse%3Aoffer%3A%3A%3AMBYWT4MBFNV3U-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=69aa135d-0459-42e7-9331-daa46757b695&es=visitorInfoFlowStarted&mrid=MBYWT4MBFNV3U&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=PoP&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1664814382424&g=0&completeurl=https%3A%2F%2Fapp.pop4kids.org%2Fwestviewms80503%2Fdonations%2Fnew%2F1si4iot2%3Fmethod%3Demail%26request%3Dp2zn2pmp

Requested by

Host: app.pop4kids.org
URL: https://app.pop4kids.org/westviewms80503/donations/new/1si4iot2?method=email&request=p2zn2pmp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF9) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pop4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 16:26:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CF9)
traceparent: 00-00000000000000000005f8cec6fb2f53-93d018d36863ca48-01
content-type: image/gif
paypal-debug-id: 5f8cec6fb2f53
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=164
timing-allow-origin: *
content-length: 42
expires: Mon, 03 Oct 2022 16:26:22 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 7129 435 B
2 KB 300ms
299ms Fetch
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C97) /

Resource Hash

2df403affc23bcd5f804caa26791dcc85fd8f71d2e079abb623844659c6ce7c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-n3EQQtGin+EcbAX8TCYtrR5/9bHXOa7j/k5L82mLrMc/vwT8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-n3EQQtGin+EcbAX8TCYtrR5/9bHXOa7j/k5L82mLrMc/vwT8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
date: Mon, 03 Oct 2022 16:26:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0b4aaa6ab7296
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=285
dc: ccg11-origin-www-1.paypal.com
content-length: 290
x-xss-protection: 1; mode=block
server: ECAcc (frc/4C97)
traceparent: 00-00000000000000000000b4aaa6ab7296-ab9fdac111879fd0-01
etag: W/"1b3-iyHIac1C6Eo1FkjdhSvLIwQT7mE"
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 194ms
194ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC1) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 03 Oct 2022 16:26:22 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 055786388142b
server: ECAcc (frc/4CC1)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=180
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000055786388142b-28124c18a2e2a95f-01
vary: Origin, Access-Control-Request-Headers

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 3AC5 337 KB
103 KB 17ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&components=buttons

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=32&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFIWGktSWJBTkEtajJUX0pBSzR0SU5FY0tDMlhyemlOYWFoYTJHVGlVaEd5WExWNFVha1FtcFdVS01KdVRXaE02Z0pxdllxbk5ybERYNG0mY29tcG9uZW50cz1idXR0b25zIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfeGhkanp0ZnZja3djdHBuemZkdGpld2FpbWNpcXRwIn19&clientID=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&sdkCorrelationID=05553a7b52843&storageID=uid_9f54489afd_mty6mjy6mji&sessionID=uid_a4f844a125_mty6mjy6mji&buttonSessionID=uid_cafe47ea11_mty6mjy6mji&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD4) /

Resource Hash

8f61c68a7a3e7240f5c65d85c0b6499ffb3cfd954f0825f8ca81d53d7449856e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-YQgSKPaHHUYgA5jUAgd7j1oDV4OktHrM+5jMagtOKHic5EXm' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-YQgSKPaHHUYgA5jUAgd7j1oDV4OktHrM+5jMagtOKHic5EXm' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=32&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFIWGktSWJBTkEtajJUX0pBSzR0SU5FY0tDMlhyemlOYWFoYTJHVGlVaEd5WExWNFVha1FtcFdVS01KdVRXaE02Z0pxdllxbk5ybERYNG0mY29tcG9uZW50cz1idXR0b25zIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfeGhkanp0ZnZja3djdHBuemZkdGpld2FpbWNpcXRwIn19&clientID=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&sdkCorrelationID=05553a7b52843&storageID=uid_9f54489afd_mty6mjy6mji&sessionID=uid_a4f844a125_mty6mjy6mji&buttonSessionID=uid_cafe47ea11_mty6mjy6mji&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-YQgSKPaHHUYgA5jUAgd7j1oDV4OktHrM+5jMagtOKHic5EXm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-YQgSKPaHHUYgA5jUAgd7j1oDV4OktHrM+5jMagtOKHic5EXm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 16:26:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: HIT
p3p: true
paypal-debug-id: 0a0983b166a28
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc: ccg11-origin-www-1.paypal.com
content-length: 104681
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Oct 2022 16:26:21 GMT
server: ECAcc (frc/4CD4)
traceparent: 00-00000000000000000000a0983b166a28-f9d242cb8bd7c725-01
etag: W/"198e9-eugzzCOvD7XQhXef25gHAoPdPos"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 3AC5 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 3AC5 57 KB
20 KB 121ms
20ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 944810
x-cache: HIT
paypal-debug-id: 9aef47e8b50de
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=1
dc: ccg11-origin-www-1.paypal.com
content-length: 20053
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000009aef47e8b50de-c4f59dada6a07ccc-01
etag: "62f2c748-e586"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 16:26:23 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 3AC5 1007 B
2 KB 244ms
243ms Ping
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF7) /

Resource Hash

77f396303619dc86465b4792cfa02ceed57733981efaa2cfa369330608ed1019

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=32&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFIWGktSWJBTkEtajJUX0pBSzR0SU5FY0tDMlhyemlOYWFoYTJHVGlVaEd5WExWNFVha1FtcFdVS01KdVRXaE02Z0pxdllxbk5ybERYNG0mY29tcG9uZW50cz1idXR0b25zIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfeGhkanp0ZnZja3djdHBuemZkdGpld2FpbWNpcXRwIn19&clientID=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&sdkCorrelationID=05553a7b52843&storageID=uid_9f54489afd_mty6mjy6mji&sessionID=uid_a4f844a125_mty6mjy6mji&buttonSessionID=uid_cafe47ea11_mty6mjy6mji&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 099011539096b
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=229
dc: ccg11-origin-www-1.paypal.com
content-length: 604
server: ECAcc (frc/4CF7)
traceparent: 00-0000000000000000000099011539096b-8dd1876733822e28-01
etag: W/"3ef-J7DiK/DhF1rti3Ilerr4ZIEUICw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame F89A 160 B
1001 B 184ms
184ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF7) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 6e7f0e7078459
date: Mon, 03 Oct 2022 16:26:23 GMT
paypal-debug-id: 6e7f0e7078459
server: ECAcc (frc/4CF7)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=169
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000006e7f0e7078459-6cb39df514bc9878-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 0001
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_a4f844a125_mty6mjy6mji&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a4f844a125_mty6mjy6mji&s=SMART_PAYMENT_BUTTONS

42 B
299 B

150ms
47ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a4f844a125_mty6mjy6mji&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=32&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFIWGktSWJBTkEtajJUX0pBSzR0SU5FY0tDMlhyemlOYWFoYTJHVGlVaEd5WExWNFVha1FtcFdVS01KdVRXaE02Z0pxdllxbk5ybERYNG0mY29tcG9uZW50cz1idXR0b25zIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfeGhkanp0ZnZja3djdHBuemZkdGpld2FpbWNpcXRwIn19&clientID=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&sdkCorrelationID=05553a7b52843&storageID=uid_9f54489afd_mty6mjy6mji&sessionID=uid_a4f844a125_mty6mjy6mji&buttonSessionID=uid_cafe47ea11_mty6mjy6mji&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 16:26:23 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a4f844a125_mty6mjy6mji&s=SMART_PAYMENT_BUTTONS
Date: Mon, 03 Oct 2022 16:26:23 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame F89A 57 KB
20 KB 19ms
18ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 944810
x-cache: HIT
paypal-debug-id: 9aef47e8b50de
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc: ccg11-origin-www-1.paypal.com
content-length: 20053
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000009aef47e8b50de-c4f59dada6a07ccc-01
etag: "62f2c748-e586"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 16:26:23 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame D9B5 0
127 B 178ms
177ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-353861413965d87fec4715b9e61cca44.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 03 Oct 2022 16:26:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame F89A 125 B
805 B 253ms
253ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C99) /

Resource Hash

0986737caa377f701dfdf8d9fd5cb231c221de3cf849066c2823ef2a3c066ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 16:26:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 0054fd6dd1f9c
server: ECAcc (frc/4C99)
traceparent: 00-00000000000000000000054fd6dd1f9c-9b2c9bef21767b2f-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 0054fd6dd1f9c
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=239
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame F89A 0
180 B 190ms
189ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8D) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 16:26:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 15595a2de8f4f
server: ECAcc (frc/4C8D)
traceparent: 00-000000000000000000015595a2de8f4f-90d4c70373f19688-01
paypal-debug-id: 15595a2de8f4f
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=175
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame F89A 0
372 B 273ms
210ms Image
text/plain 2a04:4e42:600::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_a4f844a125_mty6mjy6mji&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-served-by: cache-hhn4067-HHN
date: Mon, 03 Oct 2022 16:26:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 9165d84dfde07
via: 1.1 varnish
traceparent: 00-00000000000000000009165d84dfde07-a6eba07e95310fcf-01
x-timer: S1664814384.784470,VS0,VE195
x-cache: MISS
paypal-debug-id: 9165d84dfde07
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 3AC5 1017 B
1 KB 235ms
235ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&components=buttons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF7) /

Resource Hash

284c85f1c5bfbe82efdd04b03b60a7b86168ea41250be86f9ccc409f1b307731

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=32&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFIWGktSWJBTkEtajJUX0pBSzR0SU5FY0tDMlhyemlOYWFoYTJHVGlVaEd5WExWNFVha1FtcFdVS01KdVRXaE02Z0pxdllxbk5ybERYNG0mY29tcG9uZW50cz1idXR0b25zIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfeGhkanp0ZnZja3djdHBuemZkdGpld2FpbWNpcXRwIn19&clientID=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&sdkCorrelationID=05553a7b52843&storageID=uid_9f54489afd_mty6mjy6mji&sessionID=uid_a4f844a125_mty6mjy6mji&buttonSessionID=uid_cafe47ea11_mty6mjy6mji&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 Oct 2022 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 051522b846404
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=219
dc: ccg11-origin-www-1.paypal.com
content-length: 608
server: ECAcc (frc/4CF7)
traceparent: 00-0000000000000000000051522b846404-d5711762c1c861e1-01
etag: W/"3f9-36mJ4aSZNDp1RGn+Bm2tzmwd41E"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1017 B
2 KB 217ms
217ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaHXi-IbANA-j2T_JAK4tINEcKC2XrziNaaha2GTiUhGyXLV4UakQmpWUKMJuTWhM6gJqvYqnNrlDX4m&components=buttons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE0) /

Resource Hash

1b0c7d3f02c5ddfc36a8369139aa612b6ea6f103a41e2340f038918ffa365347

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://app.pop4kids.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 Oct 2022 16:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 05a90790273a8
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=202
dc: ccg11-origin-www-1.paypal.com
content-length: 610
server: ECAcc (frc/4CE0)
traceparent: 00-000000000000000000005a90790273a8-7b149ac6ad434c1d-01
etag: W/"3f9-vhSdj5aXgyxgBtqWkIRov1gbcWQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.pop4kids.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 214ms
214ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE0) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.pop4kids.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://app.pop4kids.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 03 Oct 2022 16:26:23 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 0673b87961b19
server: ECAcc (frc/4CE0)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=200
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000673b87961b19-76773487fe97f3c9-01
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.pop4kids.org/	1969-12-31 23:59:59	Name: _pop_session Value: 6nC0CdtGwfpOw7P8x%2B8wmpIO00VjT9YYfPse0Z6MgIpXaMmxYrIxu3McawOxS7UxdWki5pYg7IIIn%2Bd5KYE1%2Btmw%2Bc0eUZJwMMVSrf4JwYdiMuD3v3UidNiNuxyDoqIaS%2FE3yCD8Mjj5yIkF7%2BmDGfqAkuxcDzmJjBA3YWO2GWSNL1kVIduF12c%3D--mGIc8pzCJrBWXal3--Ulzq5oXUmyj5mI35irAHPw%3D%3D
.pop4kids.org/	1970-01-20 16:02:54	Name: _ga Value: GA1.2.1800083406.1664814381
.pop4kids.org/	1970-01-20 06:28:20	Name: _gid Value: GA1.2.1439244943.1664814381
.pop4kids.org/	1970-01-20 06:26:54	Name: _gat_gtag_UA_156124387_1 Value: 1
.pop4kids.org/	1970-01-20 06:26:54	Name: _gat_UA-156124387-1 Value: 1
.paypal.com/	1970-01-20 06:26:56	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 16:02:54	Name: ts_c Value: vr%3D9eab798f1830ad009ee2ea24fee8b751%26vt%3D9eab798f1830ad009ee2ea24fee8b750
m.stripe.com/	1970-01-20 16:02:54	Name: m Value: 04070460-cc29-4f9b-944f-6132889dace3a6d261
.app.pop4kids.org/	1970-01-20 15:12:30	Name: __stripe_mid Value: f7158552-25f6-409a-9dca-1e35e0b5864ec19047
.app.pop4kids.org/	1970-01-20 06:26:56	Name: __stripe_sid Value: e33be5f9-0e5d-42f9-b57b-5619e78aa66dcd954a
.paypal.com/	1970-01-20 15:12:30	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 06:27:25	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3ARaH_r1C7GJTNgeHDjCiW45KL5yneLhCO.8OvNvb85F8RNLfO%2B4h6DeczB5P%2BUO7lsDrKKzrRlX1Q
.paypalobjects.com/	1970-01-20 06:28:20	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 06:31:13	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-20 16:02:54	Name: ts Value: vreXpYrS%3D1759508783%26vteXpYrS%3D1664816183%26vr%3D9eab798f1830ad009ee2ea24fee8b751%26vt%3D9eab798f1830ad009ee2ea24fee8b750%26vtyp%3Dnew
.c.paypal.com/	1970-01-20 16:02:54	Name: sc_f Value: pM7k0TmCJY_kHLGMosSk972AHjFJbLtcdtNzm5E5wKtPcHdsv8Q23hGGUIqQk6iXbcS50oRB3PEb48y90O4UBPNUet6AvVPTGpuzn0
.paypal.com/	1970-01-20 16:02:54	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: zKVh5SnrMHaH5SlXMf0XRMGChOmOFlDklDqy7MD3LxyPqWH7EoPIrmV-hI4hsU6bm-G55xSoT0qk0oJ2
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY2NDgxNDM4Mzg3OCIsImwiOiIwIiwibSI6IjAifQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.pop4kids.org
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
r.stripe.com
s3.amazonaws.com
t.paypal.com
url9657.admin.pop4kids.org
www.google-analytics.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
151.101.66.133
167.89.123.54
18.65.39.29
192.229.221.25
2600:9000:206e:1000:19:7d10:bd80:93a1
2606:4700::6811:190e
2a00:1450:4001:802::2008
2a00:1450:4001:803::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a04:4e42:600::291
44.206.79.184
52.217.33.70
52.89.187.149
54.187.119.242
54.187.159.182
64.4.245.84
00ac2a02fca3f02d45f5f32ac98e025b188f21921990c161901ba1afb725abfb
0986737caa377f701dfdf8d9fd5cb231c221de3cf849066c2823ef2a3c066ef2
1b0c7d3f02c5ddfc36a8369139aa612b6ea6f103a41e2340f038918ffa365347
1d2ee6d7fcec4cdc4095891c3b13f7969476396552b3f48bfefffb1e17a31701
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
284c85f1c5bfbe82efdd04b03b60a7b86168ea41250be86f9ccc409f1b307731
28f07b26b860a123578ae68797a12e99414a5a12412d3f48a53784421159862d
29c19e04c933506896de66eeebf3238a1c418dfa7f73c09237dbd2bbf8098d8a
2df403affc23bcd5f804caa26791dcc85fd8f71d2e079abb623844659c6ce7c7
369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429
39f73289f084687849630a1dd9997cc6fe9630f9f0f01789aa04ac4b452385c4
3e72d191ff5ce884a886e10287834348cfd7b344daf0767045ad29763436b5b9
3fe974c2f40e85ecc188157b7ec3276196d4aa9ad79040db04682b1c9da0db16
45213d15e0380b3b8d757f8b3e4daba79d2eb2127d6fd15c5cc63149333dfbfe
4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
66b99b949c6294f8a68f959968606914ec331cf3d8e7f3940389facd3e4ec980
695bcb1ddfdcd6d41bce392681c2fd90e0d972aebb2bc7cee402b9b8b5a20d22
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bce3d6703d2c9a93a6408c8f5ef1dfce63c54893a600a42efa5954ce589016a
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77f396303619dc86465b4792cfa02ceed57733981efaa2cfa369330608ed1019
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
808ee57bf36c8aa5f7c5b263320ed4141aa8f58e2cbe249680cd6ba105430eda
80b609d0d05a887c221ebb604d4c42df70af9227da0e553d47025b5024a4d0a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8471bc9d035c242effa34a69e92e6cfa1b38b4538a6f5bc184db22f9801fb168
8825dc4d61a2cadba97be1943b3915899749a233d2e719ea734e2ff043a0f421
88f9b139ebef0f6ab21ffd2ef43520dbb1c350eedf975756909001953195cceb
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8f61c68a7a3e7240f5c65d85c0b6499ffb3cfd954f0825f8ca81d53d7449856e
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
95f3a4bcd30fa97b9be4695f32c226edad4b3bc8047a63a4fcc2d3c7c81a3817
9d909965200346989dc8e7681e8049ac04b1159c4d910fe9aa10600ac59bccc6
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b0c6a5ef5c37bf0f3ca90ed539fe754970fce8111f53a05d3f3cd19d7a1ad12c
b5140ed3c970642ead3e1e5381b3e63aea9b4b6e99f90a06cda51965588635e3
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c0f4d45b190c61c1fff0180b947734751a95d412897d86278aacd385672d9773
c13fd35dc07e691e628ef64b5abb8f9b2d18b95856a56667ce09d572cf1dfc20
d34bd3d4d589122c61bacb4bdf406dfe75bc75a88a6c90ae0f94469996b9b3cf
d72dff41056af25325e375876201bbf13f59c13b832fb27f7af4e25e9490c1b9
da039861390e3df800b9a061b194831e99add8454ef4c8e8ca3c5f29c8f6a8aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
e85ee1afb5bf6c2d7763e7f00700f568592ecb6167ad9fd5e86fa5d33e2ba83d
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f89ff8abc730e3ba85d574cf8f3816946d03e8617aeef92995f9f3e7a17089d8
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
f92825a0e804ca1bb8c2ef557d91d8aaf9d21791f1a3583dfbc3e848efc01bad

app.pop4kids.org Open in urlscan Pro 44.206.79.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

99 %HTTPS

41 %IPv6

11 Domains

20 Subdomains

17 IPs

2 Countries

2183 kBTransfer

6770 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.pop4kids.org Open in urlscan Pro
44.206.79.184 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

99 %
HTTPS

41 %
IPv6

11
Domains

20
Subdomains

17
IPs

2
Countries

2183 kB
Transfer

6770 kB
Size

19
Cookies

110 HTTP transactions
2 data transactions