donate.zakatelaviv.org Open in urlscan Pro
2606:4700::6812:843c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.klclick1.com/ls/click?upn=Mn-2Fmf5gYG4mSW0z8Z6YDd-2FMCUKCqfAb9xi5UWANABFUIROKyFPqXXWZDwXapYoMtH8So0uTqQt4Vq7J...
Effective URL:
https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Submission: On April 05 via api (April 5th 2023, 11:39:35 am UTC) from US — Scanned from DE

Summary HTTP 243 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 24 domains to perform 243 HTTP transactions. The main IP is 2606:4700::6812:843c, located in United States and belongs to CLOUDFLARENET, US. The main domain is donate.zakatelaviv.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2022. Valid for: a year.

This is the only time donate.zakatelaviv.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:225... 2600:9000:2251:a400:18:359:ab80:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2606:4700::68... 2606:4700::6812:843c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700::68... 2606:4700::6812:7115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.98 13.32.121.98	16509 (AMAZON-02) (AMAZON-02)
22	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.27.116 13.32.27.116	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
11	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.216.210.35 3.216.210.35	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
49	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
18	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	52.43.190.165 52.43.190.165	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c09::5c	15169 (GOOGLE) (GOOGLE)
1	34.252.74.21 34.252.74.21	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
3	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
12	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
2 4	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
243	33

1 2600:9000:2251:a400:18:359:ab80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:843c (United States)

ASN13335 (CLOUDFLARENET, US)

donate.zakatelaviv.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6812:7115 (United States)

ASN13335 (CLOUDFLARENET, US)

prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-98.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-116.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.216.210.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-210-35.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.190.165 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-190-165.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c09::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.74.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-74-21.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.4.245.84 (United States) 2 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	stripe.com js.stripe.com — Cisco Umbrella Rank: 1244 q.stripe.com — Cisco Umbrella Rank: 7928 m.stripe.com — Cisco Umbrella Rank: 1249 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 7063 r.stripe.com — Cisco Umbrella Rank: 4840	760 KB
37	paypal.com 2 redirects www.paypal.com — Cisco Umbrella Rank: 2477 t.paypal.com — Cisco Umbrella Rank: 3199 c.paypal.com — Cisco Umbrella Rank: 5512 b.stats.paypal.com — Cisco Umbrella Rank: 5099 dub.stats.paypal.com — Cisco Umbrella Rank: 21041 c6.paypal.com — Cisco Umbrella Rank: 6640	686 KB
34	google.com pay.google.com — Cisco Umbrella Rank: 3232 play.google.com — Cisco Umbrella Rank: 31	864 KB
23	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 84567 pay.classy.org — Cisco Umbrella Rank: 102718 assets.classy.org — Cisco Umbrella Rank: 101539	1 MB
15	gstatic.com fonts.gstatic.com www.gstatic.com	400 KB
15	zakatelaviv.org donate.zakatelaviv.org	58 KB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 444	30 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
7	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1182 heapanalytics.com — Cisco Umbrella Rank: 1079	40 KB
4	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2321	36 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 793 syndication.twitter.com — Cisco Umbrella Rank: 1106	132 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 284	748 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1316	17 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	64 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 743	140 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 100	351 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 648	183 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 17103	41 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 933	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 31634	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1030	6 KB
1	klclick1.com 1 redirects trk.klclick1.com — Cisco Umbrella Rank: 19369	433 B
243	24

	Domain	Requested by
37	r.stripe.com	js.stripe.com
26	play.google.com	www.gstatic.com
20	js.stripe.com	donate.zakatelaviv.org js.stripe.com
18	www.paypal.com	donate.zakatelaviv.org www.paypal.com www.paypalobjects.com
15	donate.zakatelaviv.org	donate.zakatelaviv.org
13	prod-frs.content.classy.org	donate.zakatelaviv.org prod-frs.content.classy.org
12	q.stripe.com	donate.zakatelaviv.org
11	js-agent.newrelic.com	donate.zakatelaviv.org
10	c.paypal.com	www.paypal.com c.paypal.com
9	www.google-analytics.com	donate.zakatelaviv.org
8	www.gstatic.com	pay.google.com www.gstatic.com
8	pay.google.com	js.stripe.com pay.google.com donate.zakatelaviv.org www.gstatic.com
7	fonts.gstatic.com	fonts.googleapis.com
6	heapanalytics.com
5	assets.classy.org
5	pay.classy.org	donate.zakatelaviv.org
4	www.paypalobjects.com	donate.zakatelaviv.org
3	t.paypal.com
2	c6.paypal.com
2	dub.stats.paypal.com	www.paypal.com
2	b.stats.paypal.com	2 redirects
2	bam.nr-data.net	donate.zakatelaviv.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	donate.zakatelaviv.org
2	platform.twitter.com	donate.zakatelaviv.org
2	sessions.bugsnag.com	donate.zakatelaviv.org
1	merchant-ui-api.stripe.com	js.stripe.com
1	m.stripe.com	m.stripe.network
1	syndication.twitter.com	platform.twitter.com
1	stats.g.doubleclick.net	donate.zakatelaviv.org
1	code.jquery.com	donate.zakatelaviv.org
1	fonts.googleapis.com	donate.zakatelaviv.org
1	geolocation.onetrust.com	donate.zakatelaviv.org
1	cdn.heapanalytics.com	donate.zakatelaviv.org
1	cdn.plaid.com	donate.zakatelaviv.org
1	unpkg.com	donate.zakatelaviv.org
1	htp.tokenex.com	donate.zakatelaviv.org
1	static.cloudflareinsights.com	donate.zakatelaviv.org
1	trk.klclick1.com	1 redirects
243	39

This site contains links to these domains. Also see Links.

Domain
www.classy.org

Subject Issuer	Validity	Valid
donate.zakatelaviv.org Cloudflare Inc ECC CA-3	`2022-07-10` - `2023-07-10`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-27`	6 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Frame ID: 94C8602C736F185A087B2ABC402D93E2
Requests: 98 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 5DE6B01CA0D5FFB3C26D7A505796063E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C19C219D7E87A0FA7DD604D6B9837077
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fdonate.zakatelaviv.org
Frame ID: 4AF60F1975984E1893905D23FF69D8E8
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-860c79e739aba3b6b0e3db56f87bed79.html
Frame ID: 97C4C9571EE976D067F162CA8171A471
Requests: 43 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html
Frame ID: 49FC6FE9083A3DEF6C6367B7A5605FCA
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html
Frame ID: 4E9B9B0C6146E22A387E30EA59E90FBA
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 6A287A4C7F105935E4385B696262BBF6
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html
Frame ID: 373D307ACD1216C677E0478F7FD41BFC
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html
Frame ID: EB453FB979F7BE41118C65021FFBFDC0
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 66B7170A37A5C5DC31B18E5EFA534C15
Requests: 14 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPVBYTTdDVkFIN1I0S1cmY29tbWl0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9maHZibXdyam1vaHRqbmZyZHh3aWVtcmxwdmltcG4ifX0&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f5361948cd3f8&storageID=uid_25caba5952_mte6mzk6mjk&sessionID=uid_2832ed6172_mte6mzk6mjk&buttonSessionID=uid_191be9d297_mte6mzk6mjk&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&merchantID.0=PXM7CVAH7R4KW&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 006171560448DD327DC85218DC915962
Requests: 6 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: B6554DF52B3469F5838A65E518423743
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.6/paypal-blue.svg
Frame ID: 6A70134F39F55542EA57DF54E33B9832
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.6/paypal-blue.svg
Frame ID: 4D1B317655EBB60B6B828564AE39E32D
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 2B44642A21912197260A898B607360F5
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 301F2F151A09A6535A57F767F52F539B
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_659c564359_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS
Frame ID: C9869CDBBB23F8A443E42406DC63E2C5
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: E75210108C0CAD121ADE5CD8AA76554C
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_2832ed6172_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS
Frame ID: 4A192E15BFA44060AFAEFC83D0665954
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Zaka Tel-Aviv Fund

Page URL History Show full URLs

https://trk.klclick1.com/ls/click?upn=Mn-2Fmf5gYG4mSW0z8Z6YDd-2FMCUKCqfAb9xi5UWANABFUIROKyFPqXXWZDwXa... HTTP 302
https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgO... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

243
Requests

99 %
HTTPS

52 %
IPv6

24
Domains

39
Subdomains

33
IPs

5
Countries

4575 kB
Transfer

15019 kB
Size

32
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.klclick1.com/ls/click?upn=Mn-2Fmf5gYG4mSW0z8Z6YDd-2FMCUKCqfAb9xi5UWANABFUIROKyFPqXXWZDwXapYoMtH8So0uTqQt4Vq7JW3DCJJKPFT2TR4-2FLPCF0MnmGMBuDRBJFZm5GA-2FX6iq53bgEapsINCe6SBxS7efv3B2Uu3Qp7byVgPSjQe2b9FvyD3tiBQUt1cqIVQee6HJtb3-2B3F4mi87nGRYC550-2FUkd0bsnC1k0ZJfsy1D0KOk5OzGXquyxGNwonVhrezcrWjxOASDSSRee7PpPUzN4QpbgEA-2BL2OVxId2XE8jMzLBoCliF0cQYl31fIsp7AJO4zCUvHJBXUI4k_nkl9al6CXO4-2FY-2BJdPt6vRFqrMM4hfawkF-2B7lF-2F-2B3awAYYvzUi-2FGcs4fk5UrNWufSwFkj53l-2BS9fULv0CCvIiE8kp-2Bl9HkhEmJx-2FnpehY-2F6aZqcFSwbPtZR6pyw6B5-2BAcb81RuzuLqRLpY8WApWBJu-2BxN-2Bs94ufIkQAVFMhJzPQGCuFyb8f0po4AFSrsc-2BYJx7rBLgx6NPJOMASXWHVEbOlx8S3W0a4tnpn0CcohFTwfyrJzgFlTilKhzZ8mxTWgPSzBhOTbiQyOdNRp-2FvAHkxzT3I8rkx1BWK3gEjtxe0LDsOo8YGygxtZDgyjIFSOtFCvmyl-2FvACQ6TjLR2DJKDgUV7jZrMnt1TSUHJN2Yf-2FOourQtdurCI1vJ6qqOByhtf6vXEdA7nunTAj11H3wUnlSWngdx4NTi2QLvpMa-2Fq3fSiYoGGNfTbbX6zmVgobq-2Bv HTTP 302
https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 229

https://b.stats.paypal.com/v2/counter.cgi?p=uid_659c564359_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_659c564359_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS

Request Chain 231

https://b.stats.paypal.com/v2/counter.cgi?p=uid_2832ed6172_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_2832ed6172_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS

243 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
donate.zakatelaviv.org/give/299891/
Redirect Chain

https://trk.klclick1.com/ls/click?upn=Mn-2Fmf5gYG4mSW0z8Z6YDd-2FMCUKCqfAb9xi5UWANABFUIROKyFPqXXWZDwXapYoMtH8So0uTqQt4Vq7JW3DCJJKPFT2TR4-2FLPCF0MnmGMBuDRBJFZm5GA-2FX6iq53bgEapsINCe6SBxS7efv3B2Uu3Qp7...
https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

116 KB
33 KB

866ms
793ms

Document
text/html

2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df6f5d8fed6f48a3b92a08774e2b6e41468e28cb620c0a795b589b7cef2ac19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7b3182ad79af0b04-AMS
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:26 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

content-length: 273
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:25 GMT
location: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY#!/donation/checkout?amount=150&preset1=50&preset2=150&preset3=500&preset4=2500&currency=USD&c_src=PASSOVER
server: nginx
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-id: RjhmOWAfWhW9d3x1TkfH6t43Ud5OVRgA61JdDI5iQ7Do1nFFEY8WGQ==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 main.css
prod-frs.content.classy.org/prod/18073/static/frs/ 1 MB
141 KB 252ms
51ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18073/static/frs/main.css

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0bdd1ae4ee32d4baae9d67a408487db873a859d0c39adfb05b45b755f2037b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1HECSCB3HG5YAXVY
age: 43679
cf-polished: origSize=1111660
x-amz-server-side-encryption: AES256
x-amz-id-2: kyjjPIDcNkfFuFiYSk2QDiV6guJK6syrWLZ9EVXZfAKZhqEB76N54dcvhk/WuXa/dAfSwmYYAKb7aoT3vIak4v1bkOPoWlH52vbg5PDb4Oo=
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
etag: W/"746631dea220b26dd9aeb1bada9f1f5b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b3182b4cd620e10-AMS

GET
H2 200 rocket-loader.min.js Show response
donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:31:17 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6419a395-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7b3182b38a500b04-AMS
expires: Fri, 07 Apr 2023 11:39:26 GMT

GET
H2 200 vb26e4fa9e5134444860be286fd8771851679335129114 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 92ms
45ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer: https://donate.zakatelaviv.org/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:26 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
server: cloudflare
etag: W/2023.3.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b3182b3d83a0bdc-AMS

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/18073/static/onetrust/ 50 KB
12 KB 43ms
39ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18073/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 6YWJGVCX570FWH3E
age: 44247
cf-polished: origSize=54583
x-amz-server-side-encryption: AES256
x-amz-id-2: xpDhakL/VQRclGbjQWOu7jiZNlqCEyT5Xcaos9kerLKCSZIN19TrGhyQd0u+6MWKQvSwmW45QVA=
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b3182b57e750e10-AMS

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 18 KB
5 KB 539ms
131ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:26 GMT
last-modified: Tue, 27 Dec 2022 16:48:20 GMT
etag: "0a2816131ad91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4568
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 131ms
85ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 25996612
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G51V46NF5WQK5TZGCW2VM6FK-ams
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b3182b5bb3ab7dc-AMS

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/18073/static/frs/donation/ 182 KB
37 KB 39ms
35ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18073/static/frs/donation/module.min.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d6e591d92a24fd320dc58bed706a0ae674dc91c5c9effd5470e48694252fa41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 20:33:53 GMT
server: cloudflare
x-amz-request-id: M2PJ2MHGHYE96N93
age: 43679
etag: W/"7ff83e5bd24a6c4416e73c8e3cdb0ea6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b3182b57e780e10-AMS
x-amz-id-2: PqFgZGQZFgnmAzhsSAa8xRP0+T1RTEKgj6myDUf8MPLre18zCKBzg5kjICvHWDHwOmu5xtAiyes=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/18073/static/global/ 2 MB
371 KB 45ms
41ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18073/static/global/module.min.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

005ff4910da9715c20b25351f3ec257c7cd86fc43e8982073ab4b850d0d2a863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
x-amz-request-id: APDTSCBRE699P1AW
age: 43679
etag: W/"662ddd4186066b7a233a83dabdf1a678"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b3182b57e790e10-AMS
x-amz-id-2: 0VYSifvFRDQErcG3zs7RTqxdieLROdB/afQBr8DlqlohuhjODHiDtebI9/aRm2imE60t2b9NpFM=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/18073/static/global/ 1 MB
430 KB 57ms
54ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18073/static/global/libs.min.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
x-amz-request-id: RG989EBA1JXM0354
age: 43224
etag: W/"772e1301b871cc2545926cb86ee5965f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b3182b57e7a0e10-AMS
x-amz-id-2: 1/Zh55feeI9rZ+RppzXQk6iOveqLJ60r6kxwzLHE4EXAALTrsVl/8Q+FfIpQVKb1MI/8i2UmdTY=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 132 KB
41 KB 79ms
34ms Script
application/javascript 13.32.121.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b0b2f42f76654d010efb75faffe48ae712e1532c65460bfe09c0ebe55723c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: il0bj_Y2FLZ8bEUfJFn3eMFh3Gz4nTAi
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
date: Tue, 04 Apr 2023 21:46:31 GMT
x-amz-request-id: KCS1EJV8ZEG93339
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 50021
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: jHaDsKDaLiiuCmmAwxrJB2dJr1sgdnVt7TRo7XvrQ2DVLfgNtrmLQS9sYrZCp3amBBQ0UECL+DyI5IL0svrZZw==
last-modified: Mon, 03 Apr 2023 21:24:52 GMT
server: AmazonS3
etag: W/"29f1408bd5b2816c10a632635879a775"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: fe9ZldrEQB9fByh-FjbF6znFs1bsNBON2z96W0EP2rGuPaOP04YgYw==

GET
H2 200 / Show response
js.stripe.com/v3/ 455 KB
123 KB 39ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7f4870d3d781adf3fa0e339a238eb2c592b8ae1a524e6503dc6f27076cd43f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:26 GMT
via: 1.1 varnish
age: 24
x-cache: HIT
content-length: 125087
x-request-id: ea6e0201-180f-4a1c-a058-a793ec26d930
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Mon, 03 Apr 2023 20:35:43 GMT
server: Fastly
etag: "6f3f72f20753b33e07ea176ed3a8982b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
17ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 10:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5655
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 05 Apr 2023 12:05:12 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 122 KB
39 KB 73ms
13ms Script
application/javascript 13.32.27.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-116.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

f4e4992a349487807e6aefae26cff7b2e9f7161f416a63b18a6aa97ca509570a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:38:10 GMT
content-encoding: br
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
age: 77
x-powered-by: Express
etag: W/"1e6d8-ULz3nq+u4BVb5g/Y6FQcqLsYV7Q"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FSjDZhimptpn7r-RHjSWXucZdLNXojQWp31cGfc1Hfe88eLpzvP9ug==

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 146ms
146ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://donate.zakatelaviv.org/
Bugsnag-Sent-At: 2023-04-05T11:39:27.156Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 11:39:27 GMT
via: 1.1 google
bugsnag-session-uuid: 92768376-5938-4258-bad1-9948c2cd6312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 209ms
152ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://donate.zakatelaviv.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 05 Apr 2023 11:39:27 GMT
via: 1.1 google

GET
H2 200 sdk.js Show response
donate.zakatelaviv.org/sso/ 25 KB
7 KB 508ms
508ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/sso/sdk.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39c7130747e5795889aa3ee603173b357eb0deade0252622413c78ddbe00350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 04 Apr 2023 19:20:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 7b3182b6cec40b04-AMS
expires: Wed, 05 Apr 2023 11:59:27 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 5DE6 200 B
807 B 8ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7907220
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:27 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 6109
x-content-type-options: nosniff
x-request-id: 02fda6bc-2185-4f5e-8e17-d7e7775578a4
x-served-by: cache-fra-eddf8230040-FRA

GET
H2 200 async-api.61caf4d9-1228.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 31ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: J0GluopGath26np.0jFNgGyfwhEN0LgG
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:27 GMT
x-amz-request-id: WDTXQMDEHJXHQ34Z
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1122
x-amz-id-2: eBD460XMiK0d1inJlbh74gC4dtNvxzH5nYVMwDHBsEF+8Egs4ywIs5DSC6dvUFHoP/3qz47iuMw=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.516607,VS0,VE0
etag: "5a15fa90d5c9cf59729e937de488758b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5684

GET
H2 200 lazy-loader.37550b27-1228.min.js Show response
js-agent.newrelic.com/ 928 B
898 B 29ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.37550b27-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: veSIorK788CursSmiZNo6DAf4uBLqr8D
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:27 GMT
x-amz-request-id: 39MRWCNEGDWBGJB1
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 415
x-amz-id-2: /LDBJwtcH81Hnh8p1pOT/vzQaewwywTjIpzoNfmiuBzfQTyvnZ2pzYFgJr2k8P9hwLdF+82csOU=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.516241,VS0,VE0
etag: "b6eaf4dad9b3e3384b0e9366ff9d0080"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6052

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/18073/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 35ms
35ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18073/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: GVV5FPY43YMG53F3
age: 43678
cf-polished: origSize=22581
x-amz-server-side-encryption: AES256
x-amz-id-2: Yvo2cVqkUlWMSpk1KxJoJ7VErrCcvBoZpPwbYqZ2dCNaFOjqQFH0GbajG7m69Qw+wDAD3ZDwxmxk6A1ks6+mVF9Vk3iUUduNxXPfzP/gwMM=
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b3182b8eacc0e10-AMS

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
183 B 87ms
39ms Script
text/javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery321012037721745621699_1680694767103&_=1680694767104

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b3182b93e6fb754-AMS
content-length: 32
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 399ms
108ms Image
image/gif 3.216.210.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2585518562755356&v=2637740109079207&s=614757097209298&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&h=%2Fgive%2F299891%2F&q=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&d=donate.zakatelaviv.org&t=Zaka%20Tel-Aviv%20Fund&ts=1680694767502&st=1680694767504

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.210.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-210-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 11:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 44ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 11:39:27 GMT
Content-Encoding: gzip
Age: 697
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/668C)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 83ms
30ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d12edf79a333c20b2ffdc2abfa2168c88d6105e2073cce1bee3b962191ea38f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 05 Apr 2023 11:39:27 GMT

GET
H2 200 tax-entities Show response
donate.zakatelaviv.org/frs-api/organizations/70265/ 397 B
458 B 528ms
518ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/frs-api/organizations/70265/tax-entities

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718f55ec5165c4f26ef3abddd8bc6ad24926e1378d443574c5789971d6374999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
tracestate: 423787@nr=0-1-423787-363751183-af61a0bef588817f----1680694767731
traceparent: 00-aab3690f5b9a6671565f58ffa80ef9a0-af61a0bef588817f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhZjYxYTBiZWY1ODg4MTdmIiwidHIiOiJhYWIzNjkwZjViOWE2NjcxNTY1ZjU4ZmZhODBlZjlhMCIsInRpIjoxNjgwNjk0NzY3NzMxfX0=
Accept: application/json, text/plain, */*
csrf-token: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"18d-Fog/RZ6oZJE6n6zF+nERWjSmFWI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7b3182badd130b04-AMS

GET
H2 200 market-data Show response
donate.zakatelaviv.org/frs-api/crypto-giving/BTC/USD/ 36 B
146 B 185ms
172ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f91bddfbfe67aedfd5e461755fc279e522df0666ca853c42a0a6e917b327e2b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
tracestate: 423787@nr=0-1-423787-363751183-5a171655e1c4002b----1680694767785
traceparent: 00-ef99a06a43d7311b81a67738e9ee5220-5a171655e1c4002b-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1YTE3MTY1NWUxYzQwMDJiIiwidHIiOiJlZjk5YTA2YTQzZDczMTFiODFhNjc3MzhlOWVlNTIyMCIsInRpIjoxNjgwNjk0NzY3Nzg1fX0=
Accept: application/json, text/plain, */*
csrf-token: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Response headers

date: Wed, 05 Apr 2023 11:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"24-w8gF37wLoPI94qahndh3rXNXz9I"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 7b3182badd140b04-AMS
content-length: 36

GET
H2 200 ach-account-routing Show response
donate.zakatelaviv.org/frs-api/organizations/70265/ 33 B
168 B 457ms
445ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/frs-api/organizations/70265/ach-account-routing

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
tracestate: 423787@nr=0-1-423787-363751183-0f2fe17a5c5dd525----1680694767787
traceparent: 00-de584d05f37e5550c36d8ea3b8144340-0f2fe17a5c5dd525-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwZjJmZTE3YTVjNWRkNTI1IiwidHIiOiJkZTU4NGQwNWYzN2U1NTUwYzM2ZDhlYTNiODE0NDM0MCIsInRpIjoxNjgwNjk0NzY3Nzg3fX0=
Accept: application/json, text/plain, */*
csrf-token: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7b3182badd180b04-AMS
content-length: 33

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
508 B 694ms
402ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=14654&currency=USD

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: bfe5a70c-2b35-491e-b80e-62022bae1c97
cf-ray: 7b3182bcbb99b984-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 4fea0a1a-f858-11ea-86a0-0ea2dd4b422d.jpg
assets.classy.org/13546591/ 6 KB
6 KB 100ms
69ms Image
image/jpeg 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13546591/4fea0a1a-f858-11ea-86a0-0ea2dd4b422d.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fcb318dda14e51adf628a0939c75620a7abd1dbb7f198d3327f95a159a0b061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 829762c3f42db9d1ea41f24010e3ac9e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: zyF0Nra6KZRTIkzRc7ipL6IBU3aIEc3E
age: 58765
x-amz-cf-pop: LHR50-P8
cf-polished: degrade=85, origSize=60389, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 5756
last-modified: Wed, 16 Sep 2020 20:07:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0f09a5ae10d897b2981c01d38cbff1bd"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7b3182bb6dee0e10-AMS
x-amz-cf-id: PLlYQIoqL7z3SLMBHUqEv6PjzwrmJAagPh9f-h7UYfHloeiZdoP7KA==

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/18073/static/global/fonts/ 42 KB
43 KB 550ms
511ms Font
application/x-font-woff 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18073/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18073/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f54734a54457e203911b07532988b4dfcd5096554c9e3d32a3691dfa3672f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/18073/static/frs/main.css
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: 6APQ7A9KR7WEGS7Y
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: oD7LPbHgnZbzABg38tEg3l2q0x8YoliAOW4svi5I+ZEvn4j/VnGWN2w6iC1PoW/OFgopYrCCkvM=
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
etag: "ef1fd379a22dc6ec47fa1c24095470fe"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7b3182bb79cfb984-AMS

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/18073/static/fonts/ 65 KB
66 KB 660ms
621ms Font
binary/octet-stream 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/18073/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18073/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/18073/static/frs/main.css
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: 6APXZDY4RGBWX1Z2
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: bFnFe1JOLb6jvCz4Rv9C7DT7qmzgAws8dDB5QLK+bOA4rKXE8NzInaAhrgzWCQI+CL5pGArra50=
last-modified: Wed, 29 Mar 2023 20:33:53 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7b3182bb79d4b984-AMS

GET
H2 200 designations Show response
donate.zakatelaviv.org/frs-api/campaign/299891/ 1 KB
632 B 432ms
432ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/frs-api/campaign/299891/designations?per_page=100

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e796c07297d30e6b628a9bc2472ecaa55c168015e4d35411d21c6accc51fd355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
tracestate: 423787@nr=0-1-423787-363751183-6739817c6ee8b0e3----1680694768004
traceparent: 00-e83842def11fbef8ea2170f91db99ed0-6739817c6ee8b0e3-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NzM5ODE3YzZlZThiMGUzIiwidHIiOiJlODM4NDJkZWYxMWZiZWY4ZWEyMTcwZjkxZGI5OWVkMCIsInRpIjoxNjgwNjk0NzY4MDA0fX0=
Accept: application/json, text/plain, */*
csrf-token: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"49d-lVLEurtS9NoJDDmaBa7uPxAaEvE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7b3182bc1ec50b04-AMS

GET
H2 200 designations Show response
donate.zakatelaviv.org/frs-api/campaigns/299891/ 1 KB
644 B 461ms
456ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/frs-api/campaigns/299891/designations?filter=id%3D146137

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e6c9207fbe9da61d03ef9f6eb3222e8d214736bb0b59b53e2e3ab4caa0a0a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
tracestate: 423787@nr=0-1-423787-363751183-f29a1946f2395057----1680694768005
traceparent: 00-a75bebcdd77641d077471e7d3c8fb290-f29a1946f2395057-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmMjlhMTk0NmYyMzk1MDU3IiwidHIiOiJhNzViZWJjZGQ3NzY0MWQwNzc0NzFlN2QzYzhmYjI5MCIsInRpIjoxNjgwNjk0NzY4MDA1fX0=
Accept: application/json, text/plain, */*
csrf-token: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"498-wBpKSaznNG85b4+8lPQMfBcarSc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7b3182bc1ecf0b04-AMS

GET
H2 200 currency-conversions Show response
donate.zakatelaviv.org/frs-api/i18n/ 75 B
201 B 435ms
435ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51c0a4b5ec7156153403c2af284870c3eb38058bcceb2f7b979d6f07978d5ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
tracestate: 423787@nr=0-1-423787-363751183-bd8bd34286c2aa2d----1680694768092
traceparent: 00-87303dbc1552924c5725f309c2a17080-bd8bd34286c2aa2d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiZDhiZDM0Mjg2YzJhYTJkIiwidHIiOiI4NzMwM2RiYzE1NTI5MjRjNTcyNWYzMDljMmExNzA4MCIsInRpIjoxNjgwNjk0NzY4MDkyfX0=
Accept: application/json, text/plain, */*
csrf-token: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-e0SoiIcoleW4ymIHL+nZ1/pguto"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7b3182bc9f9d0b04-AMS

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
360 B 403ms
402ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=14654&currency=USD

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 97808afd-5242-45d1-92f6-7f3c33e9c619
cf-ray: 7b3182bcbb95b984-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 transaction-estimates Show response
donate.zakatelaviv.org/frs-api/campaign/299891/ 365 B
281 B 203ms
191ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/frs-api/campaign/299891/transaction-estimates?amex=false&amount=150&currency=USD&fot=true&international=false&processor_name=PAYPAL_COMMERCE

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

802148ca10ceb4570292e087cb2ecb1151e858bf7d5e37079e0784d6118908f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
tracestate: 423787@nr=0-1-423787-363751183-e0f05f7136c5c14f----1680694768109
traceparent: 00-89833c2792cf8fe54c4b01e8b2012f40-e0f05f7136c5c14f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlMGYwNWY3MTM2YzVjMTRmIiwidHIiOiI4OTgzM2MyNzkyY2Y4ZmU1NGM0YjAxZThiMjAxMmY0MCIsInRpIjoxNjgwNjk0NzY4MTA5fX0=
Accept: application/json, text/plain, */*
csrf-token: RZk7st4s-zGI37uHObq-gPeb7CkKgqYUu5ig
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16d-LuLCQ1AUW4b3Rt7X3PvYgKIJlcM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 7b3182bccff50b04-AMS

GET
H2 200 paypal Show response
pay.classy.org/token/ 124 B
395 B 404ms
393ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/paypal?applicationId=14654&currency=USD

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51329ab2f212ec58b2808047a6e5b5b3f7bf525d4a04143f60e20354f7d8877a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 46ac5124-ca66-4ea7-811a-2ecdbe2c42c7
cf-ray: 7b3182bccbb2b984-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
364 B 399ms
392ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=14654&currency=USD

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 66561638-10b5-487b-b544-863546170650
cf-ray: 7b3182bccbb6b984-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
donate.zakatelaviv.org/static/global/images/ 2 KB
2 KB 54ms
49ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.zakatelaviv.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 58766
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Wed, 29 Mar 2023 20:29:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "64249fb2-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b3182bccff90b04-AMS
expires: Wed, 03 Apr 2024 19:20:02 GMT

GET
H2 200 561de636-f1eb-11ea-b0a3-0ee030372895.png
assets.classy.org/15170223/ 12 KB
13 KB 50ms
46ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/15170223/561de636-f1eb-11ea-b0a3-0ee030372895.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba4a8e6c3bd2e718298e1ab8e03c03f9c4f977164ce9ec719d54402b3f65ac41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 04cb9a524a2f5b52f2abb84002971492.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ejhwNq5MY_0kw7wMOi2FGn2reDcm4vKM
age: 58767
x-amz-cf-pop: LHR50-P8
cf-polished: origFmt=png, origSize=14783
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="561de636-f1eb-11ea-b0a3-0ee030372895.webp"
content-length: 12626
last-modified: Tue, 08 Sep 2020 15:52:46 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5a9c9d36f47c40dad8b9984c18eb4b07"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7b3182bccfed0e10-AMS
x-amz-cf-id: rIDc7P2JFs3HOv5B1C2bMHJaDz1uRGNZWKjqOfdIcx2w_Hc6Jeg2XQ==

GET
H2 200 5d2ebf0e-f1eb-11ea-bc84-0ac96913d2c3.png
assets.classy.org/15170223/ 12 KB
13 KB 47ms
43ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/15170223/5d2ebf0e-f1eb-11ea-bc84-0ac96913d2c3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba4a8e6c3bd2e718298e1ab8e03c03f9c4f977164ce9ec719d54402b3f65ac41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7abcd88a14dd92e6910468bb5a172372.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: zMS7tMGCvavHK6NH4mfRNgQqA3hGItYE
age: 58767
x-amz-cf-pop: LHR50-P8
cf-polished: origFmt=png, origSize=14783
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="5d2ebf0e-f1eb-11ea-bc84-0ac96913d2c3.webp"
content-length: 12626
last-modified: Tue, 08 Sep 2020 15:52:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5a9c9d36f47c40dad8b9984c18eb4b07"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7b3182bccff00e10-AMS
x-amz-cf-id: 3aO9HnNcL-3BoM1L3mubWeKwBcSH_sF2xIS6dv9B4Er8-XEef7UxqQ==

GET
H2 200 93837568-d854-11eb-843a-0a58a9feac02.jpg
assets.classy.org/13546591/ 229 KB
229 KB 55ms
51ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13546591/93837568-d854-11eb-843a-0a58a9feac02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

774e637e100ab57dd4fc780c397abd31892f4b3f4cd70249b6c2bc11e11b23c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Hv_uZmIMWxxCxrxM5pTRezmqSlpoe4ig
age: 58766
x-amz-cf-pop: DUS51-P1
cf-polished: qual=85, origFmt=jpeg, origSize=242939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="93837568-d854-11eb-843a-0a58a9feac02.webp"
content-length: 234266
last-modified: Mon, 28 Jun 2021 21:05:34 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "167636c3dae83d8036a2d692838fea6d"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7b3182bccff10e10-AMS
x-amz-cf-id: h3CFf3_sDez8CnZ-lrYZ9QWiKLlkehFZc_L7cbWLCDE-IQaV44nESg==

GET
H2 200 9f946826-f84e-11ea-b4aa-0ad753ba5529.jpg
assets.classy.org/13546591/ 10 KB
11 KB 51ms
47ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13546591/9f946826-f84e-11ea-b4aa-0ad753ba5529.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85abc988732d2ff3b9ebd67b4efe8da81f8e56d9b6088a1fb379cd68536aa2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 dd1211d51ecc66d1523e03934a660f3a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ll_TRdezTo8BbpAbjjPeWrr8BtkMZ21f
age: 58766
x-amz-cf-pop: LHR50-P8
cf-polished: qual=85, origFmt=jpeg, origSize=18412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="9f946826-f84e-11ea-b4aa-0ad753ba5529.webp"
content-length: 10384
last-modified: Wed, 16 Sep 2020 18:58:37 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "ef4f8c85753fe89ebbc7e047a0ef94d2"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7b3182bccff20e10-AMS
x-amz-cf-id: sC7lYMB17cylNNMXmwKQXzXtIyA3rirdzNUE030JQj_ggr-1m7kesQ==

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/18073/static/global/images/crypto-giving/ 1 KB
909 B 44ms
40ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/18073/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
x-amz-request-id: E66ZZDKKPN4N4KYB
age: 28322
etag: W/"2861fb7a07b041686ba6360cf7908e28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7b3182bccff30e10-AMS
x-amz-id-2: VdMMjHhaZb+4r1TgsPD/NXz07pS1XOLhNlbYd8sRZtuylJNx2OuFE9GHYUkeAHONbj5W+Oz4jf8=

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/18073/static/global/images/crypto-giving/ 545 B
408 B 45ms
41ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/18073/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
x-amz-request-id: E66YM3YFG3YW3D4X
age: 28322
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7b3182bccff40e10-AMS
x-amz-id-2: e59q9fc3zXupPeqvyXwuDw8UAn8yoV7dhEURX6dZ5vJNFr9lGxmqANtltUcZ3sk0kb8AI9+58aI=

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/18073/static/global/images/crypto-giving/ 2 KB
1 KB 38ms
35ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/18073/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
x-amz-request-id: E66T9TC5E833GH6C
age: 28322
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7b3182bccff50e10-AMS
x-amz-id-2: EK9DX/bgWLvFUiwzNRpAEKjQX61ZTpcaWZHsgPOrMljkk4qmHjgjtZb43CpnfqrPDggT1J73Qdw=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/18073/static/global/images/crypto-giving/ 453 B
444 B 42ms
38ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/18073/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
x-amz-request-id: E66HJ3ZJ18CAE38R
age: 28322
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7b3182bccff70e10-AMS
x-amz-id-2: 8K8+Qib2ihldYNkABm0i+VxbZkdopbGFhI6+803pm0d9dbMSUuhVRUxGGaxfJmVko7zUmdOmgVQ=

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/18073/static/global/images/ 394 B
770 B 33ms
32ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/18073/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/18073/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/18073/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 46RWG5YD5C2FJQBS
age: 28322
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: Z469NamUgXc2SGB0l9R2Olpo14k4LZ6jx62Fd/Pcy4YUtoZrHmhBeA5XLXciIHSb3J4Rf9wXpac=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Mar 2023 20:33:54 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7b3182bccff80e10-AMS

POST
H2 204 rum Show response
donate.zakatelaviv.org/cdn-cgi/ 0
170 B 30ms
29ms XHR
text/plain 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/cdn-cgi/rum?

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-ab6352becd8606ce----1680694768131
traceparent: 00-4730c418d13fb4691490899cf4115a40-ab6352becd8606ce-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhYjYzNTJiZWNkODYwNmNlIiwidHIiOiI0NzMwYzQxOGQxM2ZiNDY5MTQ5MDg5OWNmNDExNWE0MCIsInRpIjoxNjgwNjk0NzY4MTMxfX0=
content-type: application/json
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donate.zakatelaviv.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7b3182bcd81f0b04-AMS

POST
H2 200 csp-report
q.stripe.com/ Frame 5DE6 0
640 B 582ms
184ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768621651
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5DE6 0
640 B 582ms
185ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768621729
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5DE6 631 B
490 B 36ms
34ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 12324878
x-cache: HIT
content-length: 332
x-request-id: 0835c848-94af-434b-9bab-b464eef8e395
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5313

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 62ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbc1566ee11605f90eb9007374832de5b995286c6bf81dc115830e591a4868c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 11:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 11:39:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 11:39:28 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 30ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1331897401&t=event&_s=1&dl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&ul=en-us&de=UTF-8&dt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KEBAAEABAAAAACAAI~&jid=365204805&gjid=28526657&cid=518399758.1680694767&tid=UA-3837893-1&_gid=1297507430.1680694767&_r=1&_slc=1&z=1104731932

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 11:39:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.zakatelaviv.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripePublishableKey Show response
pay.classy.org/token/ 44 B
357 B 403ms
389ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripePublishableKey

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 7f66f623-13ec-4f54-b202-0477cdaa7cc9
cf-ray: 7b3182bd1c1db984-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 44

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1331897401&t=timing&_s=2&dl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&ul=en-us&de=UTF-8&dt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1680694767571&utt=244&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=518399758.1680694767&tid=UA-3837893-1&_gid=1297507430.1680694767&cd1=70265&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=299891&cd6=campaign&cd11=recurring%20optimization&z=1218754751

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1331897401&t=timing&_s=3&dl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&ul=en-us&de=UTF-8&dt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1680694767571&utt=1037&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=518399758.1680694767&tid=UA-3837893-1&_gid=1297507430.1680694767&cd1=70265&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=299891&cd6=campaign&cd11=recurring%20optimization&z=496545718

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1331897401&t=timing&_s=4&dl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&ul=en-us&de=UTF-8&dt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1680694767571&utt=1213&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=518399758.1680694767&tid=UA-3837893-1&_gid=1297507430.1680694767&cd1=70265&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=299891&cd6=campaign&cd11=recurring%20optimization&z=1668064222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1331897401&t=timing&_s=5&dl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&ul=en-us&de=UTF-8&dt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1680694767571&utt=1551&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=518399758.1680694767&tid=UA-3837893-1&_gid=1297507430.1680694767&cd1=70265&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=299891&cd6=campaign&cd11=recurring%20optimization&z=1441810326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
25ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1331897401&t=timing&_s=6&dl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&ul=en-us&de=UTF-8&dt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1680694767571&utt=2723&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=518399758.1680694767&tid=UA-3837893-1&_gid=1297507430.1680694767&cd1=70265&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=299891&cd6=campaign&cd11=recurring%20optimization&z=2066380790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
260 B 111ms
107ms Image
image/gif 3.216.210.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1680694768237&hv=4.19.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.210.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-210-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 111ms
108ms Image
image/gif 3.216.210.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2585518562755356&v=2637740109079207&s=614757097209298&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1680694767502&sp=d&sp=donate.zakatelaviv.org&sp=h&sp=%2Fgive%2F299891%2F&sp=t&sp=Zaka%20Tel-Aviv%20Fund&sp=q&sp=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&pp=d&pp=donate.zakatelaviv.org&pp=q&pp=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&pp=h&pp=%2Fgive%2F299891%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&pp=t&pp=Zaka%20Tel-Aviv%20Fund&pp=ts&pp=1680694767502&id0=8589465355605371&k0=environment&k0=prod&k0=organization_id&k0=70265&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=299891&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=label&k0=Begin%20Checkout&k0=action&k0=checkout&k0=currency&k0=USD&t0=Begin%20Checkout&ts0=1680694768247&st=1680694768248

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.210.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-210-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 57ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:47:20 GMT
x-content-type-options: nosniff
age: 89528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:47:20 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 69ms
27ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:47:20 GMT
x-content-type-options: nosniff
age: 89528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:47:20 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 74ms
34ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:47:20 GMT
x-content-type-options: nosniff
age: 89528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:47:20 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 81ms
44ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 20:18:13 GMT
x-content-type-options: nosniff
age: 141675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 20:18:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 65ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:47:20 GMT
x-content-type-options: nosniff
age: 89528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:47:20 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
30 KB 51ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://donate.zakatelaviv.org/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1680694768.dop001.fr8.t,1680694768.cds330.fr8.hn,1680694768.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 inner.html Show response
m.stripe.network/ Frame C19C 930 B
1 KB 14ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 205
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 180
x-content-type-options: nosniff
x-request-id: 8ae3968c-e912-409f-b60a-b88db22e6374
x-served-by: cache-fra-eddf8230040-FRA
x-timer: S1680694768.316886,VS0,VE0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 66ms
20ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-3837893-1&cid=518399758.1680694767&jid=365204805&gjid=28526657&_gid=1297507430.1680694767&_u=KEBAAEAAAAAAACAAI~&z=210589490

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Apr 2023 11:39:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.zakatelaviv.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 20:18:13 GMT
x-content-type-options: nosniff
age: 141675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 20:18:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.zakatelaviv.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:47:20 GMT
x-content-type-options: nosniff
age: 89528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:47:20 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame C19C 0
415 B 374ms
183ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1680694768621737
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 862.e74e95d2-1228.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 15ms
4ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.e74e95d2-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: gDL8cpdspH3IxcZPeLUXHRvPqJEXPWmp
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: VHCHPBCJWYNVDFA9
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3271
x-amz-id-2: 6jKCsm5aQHOc/NvTUDrVuLizkywKgqlGvSALafMIMY3AmmGFaiGGCF+3HtONKOYYnm8X2ms9ET0=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.363656,VS0,VE0
etag: "ff02f82193fd2ec047cb131aa65a0dd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6000

GET
H2 200 page_view_event-aggregate.46b69e61-1228.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 17ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.46b69e61-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: KBeqQAET2qZgk2U9E4XZJmVRm1HOq8Rk
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: VHCQ1Q3242E6W8QB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1729
x-amz-id-2: 2GGOauIl1S3rfGIkVcnaTh6dNtVO7Hxb5P+2ntbASPqKuYOo/uT3pE0JVKCr2wr+0k89tzkEiWY=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.364353,VS0,VE0
etag: "75e56b9529bc3582d1ee120d4a1d49e9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6019

GET
H2 200 page_view_timing-aggregate.ced8c919-1228.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 18ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.ced8c919-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ktDXvd_Dmea2UVJNoozUGAPGaGpVn1ZV
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: VHCYDJ7CGYVHRS84
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: +J7Ky7Us4oEiaiHEyTMqQJH5mNieDONVLNfgjCoXyjidb0CRVUCc7eYVwouwCN8ihxv73mOW4FQ=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.364338,VS0,VE0
etag: "ddb946a277f5c644d555e8e1bcf23b77"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5996

GET
H2 200 metrics-aggregate.56d9a464-1228.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 17ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.56d9a464-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: cAHIZ8FQmEPf2jyMvAgXJXAVQ_Jrw1XM
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: 39MH9SGSAR47CJ5B
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1751
x-amz-id-2: GtpkgVRTXwn+UXRIXc2M4igz9E2vicRXDjCe1FzZkqLw+aexe8MzYBsA7NDZXfTChx9UiIXUWxY=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.364317,VS0,VE0
etag: "04475d81e10a8c7213d39d14e581c599"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6029

GET
H2 200 jserrors-aggregate.64f61365-1228.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 17ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/jserrors-aggregate.64f61365-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 7blonOgQSCw8rfW7sCjHyJm0L6QYtp4X
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: 39MVN1YXE8XHXG7E
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2938
x-amz-id-2: ioCfhqKA+ROms02RZJlgi3+GxRZgIb9mDW2ZxdH7qQIBd+wgc9o22B/dhYEnNKfzZZ6zb6QsCAY=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.364296,VS0,VE0
etag: "06e9895d210a73225fa4b9a47e6e9c5a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4097

GET
H2 200 ajax-aggregate.e6085a9a-1228.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 17ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/ajax-aggregate.e6085a9a-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: Z4Nlcg06uCyBNWwjTtAHDtnTc5kadigL
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: 39MPKFVGHHEYHNE8
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2365
x-amz-id-2: jELrNPWZganXHbh9l75hmROtqoqAKZJVwjs9Rx4wb8rF1n/ayta2wKZGy4ckQSVQ2GEjni9158w=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.364290,VS0,VE0
etag: "61554094cde63c6eec39f630c32a828f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4105

GET
H2 200 session_trace-aggregate.ada8b15b-1228.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 16ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/session_trace-aggregate.ada8b15b-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: CejlNuOfipmDjtAs.g7oae_1BhJQzddr
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: 39MVMPYN7FCYVSM6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3732
x-amz-id-2: gXZ053xGY0nKpLW6wrMA1RpU7r/sT1iTVqsQFRpPP4UGlC5BwyXl9aRwtOcBZ2+vU8CybLk1Rjk=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.364263,VS0,VE0
etag: "69d309900c2caeef33af662ddf91affc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4082

GET
H2 200 page_action-aggregate.1ef08094-1228.min.js Show response
js-agent.newrelic.com/ 3 KB
1 KB 18ms
9ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_action-aggregate.1ef08094-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ZC9wFZ_QkK2B08VVIX3wzqk3DACA4ZFm
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: 39MH2K5S23B6SR39
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1202
x-amz-id-2: WXW9geinpfoxgsH3HZ5Hsijb8I6epXaNoVrioCaCNYKtg4EBkcTg0GANn0PVC+PCM4Paqqg4cHE=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.364794,VS0,VE0
etag: "9c1563b1437a04e5cd75285b2f4bffb0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3662

GET
H2 200 spa-aggregate.7222cbb6-1228.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 18ms
10ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/spa-aggregate.7222cbb6-1228.min.js
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 8nTKqPmpPpJMnC7V_9l7a.Xfo0rf._qG
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 11:39:28 GMT
x-amz-request-id: 39MJRNTQF2PK214J
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6663
x-amz-id-2: 9gz03Bps/hGGvoR8B/4U7GTvattppKqlY6iI2NcPg6DQvBg9CwMG9PpyrTF+8ufWYk/xYmPm5Uk=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680694768.364766,VS0,VE0
etag: "5d22b006d12752c6dafe1b5f41318762"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3259

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/ 184 KB
62 KB 18ms
12ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9d5d388649117caf4229e65edbf884be9f45e78259fb042e60ad1c112612b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63230
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 04 Apr 2024 11:30:23 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 4AF6 320 KB
104 KB 9ms
8ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fdonate.zakatelaviv.org
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1781202
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 05 Apr 2023 11:39:28 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67A8)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
18ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1331897401&t=timing&_s=7&dl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&ul=en-us&de=UTF-8&dt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1680694767571&utt=2912&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=518399758.1680694767&tid=UA-3837893-1&_gid=1297507430.1680694767&cd1=70265&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=299891&cd6=campaign&cd11=recurring%20optimization&z=640241551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame C19C 86 KB
16 KB 10ms
10ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 05 Apr 2023 11:39:28 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 54
x-cache: HIT
content-length: 16031
x-request-id: e42f3364-32c2-471a-83d9-67dd1aa6dc4b
x-served-by: cache-fra-eddf8230040-FRA
server: Fastly
x-timer: S1680694768.384176,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 61

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4AF6 663 B
606 B 147ms
115ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b08204b42bba4513eb712281bb84ad7cadd9c7ac

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fdonate.zakatelaviv.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 05 Apr 2023 11:39:28 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 05 Apr 2023 11:39:28 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 8c4ea5973ce02d7d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 2667ec9cb5bade95a38e00c6506cffce23e99f5f6478966dd66a6a777394b836
content-length: 284

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
donate.zakatelaviv.org/sso/ssobuild/js/ 22 KB
7 KB 60ms
58ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-a7ffded3e32946ae----1680694768460
traceparent: 00-0b75c9669c9d6d461f08055bc9c281a0-a7ffded3e32946ae-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhN2ZmZGVkM2UzMjk0NmFlIiwidHIiOiIwYjc1Yzk2NjljOWQ2ZDQ2MWYwODA1NWJjOWMyODFhMCIsInRpIjoxNjgwNjk0NzY4NDYwfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 20:22:28 GMT
cf-bgj: minify
server: cloudflare
age: 58765
etag: W/"64249e04-893d"
cf-polished: origSize=35133
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7b3182befb590b04-AMS
expires: Wed, 03 Apr 2024 19:20:03 GMT

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ 49 B
397 B 263ms
227ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1228.PROD&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3069&ck=0&s=985e059c9034ee79&ref=https://donate.zakatelaviv.org/give/299891/&ap=386.652841&be=1533&fe=535&dc=528&tt=684afe7bd6b592af&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1680694765423,%22n%22:0,%22f%22:170,%22dn%22:171,%22dne%22:211,%22c%22:211,%22s%22:224,%22ce%22:244,%22rq%22:244,%22rp%22:1037,%22rpe%22:1213,%22dl%22:1040,%22di%22:1216,%22ds%22:1523,%22de%22:1523,%22dc%22:1529,%22l%22:1529,%22le%22:1551%7D,%22navigation%22:%7B%7D%7D&fp=2744&fcp=2744&jsonp=NREUM.setToken
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230127-FRA

GET
H2 200 js Show response
www.paypal.com/sdk/ 270 KB
75 KB 956ms
895ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=PXM7CVAH7R4KW&commit=true

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

65b1cbc4190713aaa50170df0131a17abfd594469691eec7d1ad254c11511106

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-M+A5w6eZ12DamKHX3HBnUmUIh/qENAOdHzHdi/es7DOE5kkl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-M+A5w6eZ12DamKHX3HBnUmUIh/qENAOdHzHdi/es7DOE5kkl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-M+A5w6eZ12DamKHX3HBnUmUIh/qENAOdHzHdi/es7DOE5kkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-M+A5w6eZ12DamKHX3HBnUmUIh/qENAOdHzHdi/es7DOE5kkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f963293fc37f8
server-timing: "traceparent;desc="00-0000000000000000000f963293fc37f8-919a98bf933b00f3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 75244
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220041-HHN, cache-fra-eddf8230127-FRA
traceparent: 00-0000000000000000000f963293fc37f8-1ba7e499b4a2aec5-01
x-timer: S1680694769.614389,VS0,VE887
etag: W/"125ec-7CvS4WG8Dk0g3RcDfvUfYj+F8yQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 6 Show response
m.stripe.com/ Frame C19C 156 B
670 B 576ms
188ms XHR
application/json 52.43.190.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.190.165 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-190-165.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

02b468f1d9aa69c9db4526f9abfb7c58fabb6a39b3bbee433efaff9db35c9396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680694769053666
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1680694769053040
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 status Show response
donate.zakatelaviv.org/sso/ 87 B
1 KB 145ms
144ms XHR
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.zakatelaviv.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361098217060820513_1680694768458&_=1680694768459

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e38479b204200e3ba25fdbddd80efbbb6b979441ea39bc3e55e3791bf5c408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-b493c13ab41c2219----1680694768579
traceparent: 00-77ce242d3776d7cf0c272449cc0e15b0-b493c13ab41c2219-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiNDkzYzEzYWI0MWMyMjE5IiwidHIiOiI3N2NlMjQyZDM3NzZkN2NmMGMyNzI0NDljYzBlMTViMCIsInRpIjoxNjgwNjk0NzY4NTc5fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
p3p: CP="Classy does not have a P3P policy."
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 7b3182bfbc770b04-AMS
x-xss-protection: 1; mode=block

GET
H2 200 controller-860c79e739aba3b6b0e3db56f87bed79.html Show response
js.stripe.com/v3/ Frame 97C4 325 B
755 B 9ms
8ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-860c79e739aba3b6b0e3db56f87bed79.html

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b5db7f90efd69ba636cf5cf2c80c8139472981607a54bfa4e51af32e0ed94d5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 23
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:28 GMT
etag: "860c79e739aba3b6b0e3db56f87bed79"
last-modified: Mon, 03 Apr 2023 20:02:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 6
x-content-type-options: nosniff
x-request-id: 9fc9c5b7-b03a-4428-8d29-f5ff870570ef
x-served-by: cache-fra-eddf8230040-FRA

GET
H2 200 payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html Show response
js.stripe.com/v3/ Frame 49FC 408 B
987 B 7ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3cea09dd00d8790cbd49628dc37ab64666a6077383ca99af4cbcd123d2a4e41a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 142455
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:28 GMT
etag: "d5c2cb3db97faadba6b018048e89e60b"
last-modified: Mon, 03 Apr 2023 20:02:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 200
x-content-type-options: nosniff
x-request-id: d71bcfb9-e42d-4567-8844-fb1c6e6543f6
x-served-by: cache-fra-eddf8230040-FRA

GET
H2 200 payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html Show response
js.stripe.com/v3/ Frame 4E9B 344 B
995 B 11ms
8ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

74f356da9a3e5facc93ba03a6e1847ef794971837df44d58c8baecaf7cfb049f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 11
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:28 GMT
etag: "92885a1fdaae69432390c36a86cccf1f"
last-modified: Mon, 03 Apr 2023 20:02:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: d0ef86ed-06a0-4af0-af45-cd892eb2bb34
x-served-by: cache-fra-eddf8230040-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 97C4 0
640 B 184ms
183ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768698652
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-0473657670c4d34acb7c43e42d7f61c5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97C4 389 KB
94 KB 10ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-860c79e739aba3b6b0e3db56f87bed79.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f10c9d182cac547df1e828abc27be4d7d2184f23383e1f2337322ca8b77155cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-860c79e739aba3b6b0e3db56f87bed79.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 142520
x-cache: HIT
content-length: 96474
x-request-id: ec7c278f-e111-447c-94cd-89fb14425903
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Mon, 03 Apr 2023 20:02:16 GMT
server: Fastly
etag: "4a28be18fa36c919fac420e53574b8d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1844

GET
H2 200 controller-e3a22282cfbd40ff649cb9aa66794d64.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97C4 444 KB
122 KB 9ms
8ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-e3a22282cfbd40ff649cb9aa66794d64.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-860c79e739aba3b6b0e3db56f87bed79.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a8759d17dc72389ef152c5cb6d0048aac801ad400e3262b6f7e60b040b914d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-860c79e739aba3b6b0e3db56f87bed79.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 148829
x-cache: HIT
content-length: 124527
x-request-id: c56c286a-9a3f-4093-a260-d4828fa947c4
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Mon, 03 Apr 2023 18:18:29 GMT
server: Fastly
etag: "7e8f32ec1c0433df134ccdb2f9361646"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1713

POST
H2 200 csp-report
q.stripe.com/ Frame 49FC 0
640 B 286ms
286ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768802450
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 49FC 0
640 B 284ms
284ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768802600
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 49FC 115 KB
35 KB 146ms
63ms Script
application/javascript 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ebaa46cb7fd434b788ac85a1164d3c4bdcf992706fe83de8821a35015e2a6e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-O98OBkMrb_b7ydhmkAjmzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-O98OBkMrb_b7ydhmkAjmzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 05 Apr 2023 11:39:28 GMT

GET
H2 200 shared-0473657670c4d34acb7c43e42d7f61c5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 49FC 389 KB
94 KB 18ms
18ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f10c9d182cac547df1e828abc27be4d7d2184f23383e1f2337322ca8b77155cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 142520
x-cache: HIT
content-length: 96474
x-request-id: 7065af1f-9f16-4aa9-9134-cde79602ec1a
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Mon, 03 Apr 2023 20:02:16 GMT
server: Fastly
etag: "4a28be18fa36c919fac420e53574b8d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1845

GET
H2 200 payment-request-inner-google-pay-82a52d809d72ed221910eea51343d5b7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 49FC 9 KB
4 KB 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-82a52d809d72ed221910eea51343d5b7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

65b9b932dd95ef6196e2422ef7749dd106724799f18daada01b44cc26e024a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 1276423
x-cache: HIT
content-length: 3806
x-request-id: 6ba9117f-0968-476d-9065-43897e9e82f5
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Fastly
etag: "0a91dbfac59829d4d2b5a973be16e802"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 182

POST
H2 200 csp-report
q.stripe.com/ Frame 4E9B 0
640 B 287ms
286ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768802619
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4E9B 0
640 B 286ms
285ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768802632
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-0473657670c4d34acb7c43e42d7f61c5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4E9B 389 KB
94 KB 22ms
22ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f10c9d182cac547df1e828abc27be4d7d2184f23383e1f2337322ca8b77155cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 142520
x-cache: HIT
content-length: 96474
x-request-id: fa985e86-1b1f-4886-a05d-3b0e56c430b4
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Mon, 03 Apr 2023 20:02:16 GMT
server: Fastly
etag: "4a28be18fa36c919fac420e53574b8d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1846

GET
H2 200 payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4E9B 11 KB
5 KB 21ms
21ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 1276427
x-cache: HIT
content-length: 4751
x-request-id: 6619115c-fb40-47a7-9ecd-d09307533140
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Fastly
etag: "b98a0c1ae5833e6240aeebbd9d197cd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 271

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 97C4 474 B
612 B 22ms
6ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9655b684b5d0bf382b59d60188dd0419b745955ac68c28ee89a7e0749c8d9830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-860c79e739aba3b6b0e3db56f87bed79.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 27
x-cache: HIT
content-length: 298
x-request-id: 3f8a9943-ec26-4fd6-9989-31dfa82ee606
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Tue, 04 Apr 2023 17:29:38 GMT
server: Fastly
etag: "5b9019b519f2cfe80dec4e5006f1fe99"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame 97C4 1 KB
2 KB 343ms
234ms Fetch
application/json 34.252.74.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&request_surface=web_card_element_popup&stripe_js_id=3845e92a-009d-4a37-9b09-0ac2244b3fff

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.252.74.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-74-21.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c73ead9b26c5ee517977a81ccc7ec6e733358351761ce4ff01633bc99fbdd153

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680694768914367
content-length: 1078
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 79
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1680694768913602
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 233ms
211ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768880580
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768880303
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 207ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768855631
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680694768855175
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 233ms
211ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768880368
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768880149
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 234ms
212ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768880530
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768880082
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 235ms
214ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768880805
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1680694768880269
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 240ms
219ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768882084
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768881600
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 236ms
216ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768881906
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768881454
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 232ms
213ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768881979
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768881577
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 235ms
217ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768882310
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768881816
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 342ms
324ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768984244
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1680694768983776
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 340ms
322ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768983946
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768983718
access-control-allow-credentials: true
content-length: 0

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 110ms
108ms Image
image/gif 3.216.210.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2585518562755356&v=2637740109079207&s=614757097209298&b=web&tv=4.0&sp=ts&sp=1680694767502&sp=d&sp=donate.zakatelaviv.org&sp=h&sp=%2Fgive%2F299891%2F&sp=q&sp=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&pp=d&pp=donate.zakatelaviv.org&pp=q&pp=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&pp=h&pp=%2Fgive%2F299891%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&pp=t&pp=Zaka%20Tel-Aviv%20Fund&pp=ts&pp=1680694767502&id0=53311760044011&k0=environment&k0=prod&k0=organization_id&k0=70265&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=299891&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&k0=event_id&k0=1680694769.557930983215&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1680694768754&st=1680694768754

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.210.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-210-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1331897401&t=pageview&_s=8&dl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&dp=%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACACI~&jid=&gjid=&cid=518399758.1680694767&tid=UA-3837893-1&_gid=1297507430.1680694767&cd1=70265&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=299891&cd6=campaign&cd11=recurring%20optimization&z=1843640519

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/events/1/ 24 B
351 B 120ms
118ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1228.PROD&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3349&ck=0&s=985e059c9034ee79&ref=https://donate.zakatelaviv.org/give/299891/
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://donate.zakatelaviv.org
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230127-FRA

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 6A28 18 KB
8 KB 67ms
65ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

032d330855ca65fca5eedd4c0d9e4074a73c4a74bca151c2465f8d7ff47078ef

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-0mX8pc3cK1Q6PpnOwj2klA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-0mX8pc3cK1Q6PpnOwj2klA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 05 Apr 2023 11:39:28 GMT
expires: Wed, 05 Apr 2023 11:39:28 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html Show response
js.stripe.com/v3/ Frame 373D 408 B
947 B 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3cea09dd00d8790cbd49628dc37ab64666a6077383ca99af4cbcd123d2a4e41a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 142455
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:28 GMT
etag: "d5c2cb3db97faadba6b018048e89e60b"
last-modified: Mon, 03 Apr 2023 20:02:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 201
x-content-type-options: nosniff
x-request-id: 78807663-66ec-409c-aa62-69912c397116
x-served-by: cache-fra-eddf8230040-FRA

GET
H2 200 payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html Show response
js.stripe.com/v3/ Frame EB45 344 B
1 KB 7ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

74f356da9a3e5facc93ba03a6e1847ef794971837df44d58c8baecaf7cfb049f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 11
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:28 GMT
etag: "92885a1fdaae69432390c36a86cccf1f"
last-modified: Mon, 03 Apr 2023 20:02:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 3d3167f6-bbd5-498f-8008-1a38b56724a5
x-served-by: cache-fra-eddf8230040-FRA

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 244ms
243ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768984371
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1680694768983836
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 228ms
228ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768984228
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768983923
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 234ms
234ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768984396
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768983969
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 227ms
226ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768984278
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768984037
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 224ms
224ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768984322
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680694768984063
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 231ms
230ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768984594
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694768984114
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 229ms
226ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768984554
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680694768984158
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 229ms
228ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:28 GMT
x-stripe-server-envoy-start-time-us: 1680694768985721
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680694768985472
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 373D 0
640 B 214ms
213ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768985600
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 373D 0
640 B 222ms
221ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694768985643
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 373D 115 KB
34 KB 60ms
59ms Script
application/javascript 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ebaa46cb7fd434b788ac85a1164d3c4bdcf992706fe83de8821a35015e2a6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0ShJY6QcVqsFIWsDEyNxUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0ShJY6QcVqsFIWsDEyNxUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 05 Apr 2023 11:39:28 GMT

GET
H2 200 shared-0473657670c4d34acb7c43e42d7f61c5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 373D 389 KB
94 KB 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f10c9d182cac547df1e828abc27be4d7d2184f23383e1f2337322ca8b77155cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 142521
x-cache: HIT
content-length: 96474
x-request-id: 47f5c0b5-2230-4140-b3aa-1ef0c7095bb0
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Mon, 03 Apr 2023 20:02:16 GMT
server: Fastly
etag: "4a28be18fa36c919fac420e53574b8d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1848

GET
H2 200 payment-request-inner-google-pay-82a52d809d72ed221910eea51343d5b7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 373D 9 KB
4 KB 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-82a52d809d72ed221910eea51343d5b7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

65b9b932dd95ef6196e2422ef7749dd106724799f18daada01b44cc26e024a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-d5c2cb3db97faadba6b018048e89e60b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 1276423
x-cache: HIT
content-length: 3806
x-request-id: 02d61590-6e94-4c40-a19c-75a0382f5ce5
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Fastly
etag: "0a91dbfac59829d4d2b5a973be16e802"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 183

POST
H2 200 csp-report
q.stripe.com/ Frame EB45 0
640 B 263ms
262ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694769036294
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EB45 0
640 B 265ms
264ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680694769036499
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-0473657670c4d34acb7c43e42d7f61c5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EB45 389 KB
94 KB 9ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f10c9d182cac547df1e828abc27be4d7d2184f23383e1f2337322ca8b77155cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 142521
x-cache: HIT
content-length: 96474
x-request-id: adfafd88-37b4-4f37-a255-5f13b3f8b51d
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Mon, 03 Apr 2023 20:02:16 GMT
server: Fastly
etag: "4a28be18fa36c919fac420e53574b8d3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1849

GET
H2 200 payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EB45 11 KB
5 KB 10ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-92885a1fdaae69432390c36a86cccf1f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:28 GMT
via: 1.1 varnish
age: 1276427
x-cache: HIT
content-length: 4751
x-request-id: 689a4e0a-42a0-4386-a208-fed225315859
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Fastly
etag: "b98a0c1ae5833e6240aeebbd9d197cd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 272

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 6A28 2 KB
2 KB 118ms
118ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:28 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/am=gPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame 6A28 157 KB
56 KB 51ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/am=gPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgtOLV56sRaoc0UYlb__A2CDtap_g/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed67da44d3a15173b9e84aaaf2e5562798c5de8c90a810c0080cfbb9f0ab4a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56823
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 23:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 16:18:54 GMT

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 66B7 18 KB
7 KB 68ms
67ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

090187fca3feee753fb47b4432fdf40fe3bab4db78d62c3d94f56e547b97f35e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mxbRi98Y92CnVlfdstozDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mxbRi98Y92CnVlfdstozDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 05 Apr 2023 11:39:28 GMT
expires: Wed, 05 Apr 2023 11:39:28 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1K... Frame 6A28 70 KB
26 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1KLv0VxJWw.L.B1.O/am=gPEAIA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgJGjM6JW0oMvrmAsblSrlGdhTbZw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/am=gPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgtOLV56sRaoc0UYlb__A2CDtap_g/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ff9548079c7494f8627d7f8bec0497bf00ae249ffde2da7e0e7b3ae00f51bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26325
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:27:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 16:18:55 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 6A28 1 MB
387 KB 69ms
69ms XHR
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9be1c4a124bd4f7c741ba291fd52374732675fab53349d5249a496d9f77c88d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tJX8-J14knpin2NtihTP2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tJX8-J14knpin2NtihTP2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 05 Apr 2023 11:39:29 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1K... Frame 6A28 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1KLv0VxJWw.L.B1.O/am=gPEAIA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgJGjM6JW0oMvrmAsblSrlGdhTbZw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ffb134a86372e2c72d74a4da0d5b1535e8ec68ce9eb4f75294846050d8d029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9254
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:27:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 16:18:55 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1K... Frame 6A28 36 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1KLv0VxJWw.L.B1.O/am=gPEAIA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgJGjM6JW0oMvrmAsblSrlGdhTbZw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e4d6d507dd7285a57eae0f9c61fe443a033109fbc1639549205254f63e2d280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13567
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:27:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 16:18:55 GMT

POST
H2 200 log Show response
play.google.com/ Frame 6A28 131 B
273 B 54ms
49ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 87ms
46ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 6A28 131 B
273 B 50ms
48ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 85ms
46ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 6A28 131 B
273 B 53ms
51ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 85ms
46ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 6A28 131 B
273 B 50ms
49ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 84ms
47ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 66B7 2 KB
2 KB 121ms
120ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/am=gPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame 66B7 157 KB
56 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed67da44d3a15173b9e84aaaf2e5562798c5de8c90a810c0080cfbb9f0ab4a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56823
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 23:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 16:18:54 GMT

POST
H2 200 log Show response
play.google.com/ Frame 6A28 131 B
578 B 83ms
49ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 187ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769160958
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769160590
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769161284
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769161041
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769163381
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769163207
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769163741
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769163543
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769169298
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769168972
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 186ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769169322
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769169018
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769170597
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680694769170151
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769170423
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769170139
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 186ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769171254
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769171007
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 186ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769172083
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769171387
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 6A28 131 B
155 B 52ms
47ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 47ms
47ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1K... Frame 66B7 70 KB
26 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ff9548079c7494f8627d7f8bec0497bf00ae249ffde2da7e0e7b3ae00f51bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26325
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:27:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 16:18:55 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6A28 131 B
155 B 52ms
51ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
45ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769192938
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769192742
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769193518
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769193207
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 189ms
188ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769198698
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769198127
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 188ms
188ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769198485
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769198207
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 186ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769198771
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769198482
access-control-allow-credentials: true
content-length: 0

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 109ms
109ms Image
image/gif 3.216.210.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2585518562755356&v=2637740109079207&s=614757097209298&b=web&tv=4.0&sp=ts&sp=1680694767502&sp=d&sp=donate.zakatelaviv.org&sp=h&sp=%2Fgive%2F299891%2F&sp=q&sp=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&pp=d&pp=donate.zakatelaviv.org&pp=q&pp=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&pp=h&pp=%2Fgive%2F299891%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&pp=t&pp=Zaka%20Tel-Aviv%20Fund&pp=ts&pp=1680694767502&id0=2518319588637912&k0=environment&k0=prod&k0=organization_id&k0=70265&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=299891&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1680694769.783625337207&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1680694769111&st=1680694769111

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.210.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-210-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
donate.zakatelaviv.org/static/global/images/digitalWallets/ 3 KB
1 KB 398ms
397ms Image
image/svg+xml 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.zakatelaviv.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Mar 2023 20:29:38 GMT
server: cloudflare
etag: W/"64249fb2-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7b3182c3092f0b04-AMS
expires: Thu, 04 Apr 2024 11:39:29 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 66B7 1 MB
386 KB 69ms
69ms XHR
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4587917406d2457e15a089f00663a7175a294975e799087282d160710751e0d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aMd7vboHszk4tpg2b_3L0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aMd7vboHszk4tpg2b_3L0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 05 Apr 2023 11:39:29 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1K... Frame 66B7 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1KLv0VxJWw.L.B1.O/am=gPEAIA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgJGjM6JW0oMvrmAsblSrlGdhTbZw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ffb134a86372e2c72d74a4da0d5b1535e8ec68ce9eb4f75294846050d8d029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9254
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:27:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 16:18:55 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1K... Frame 66B7 36 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OXk-zdkrGPw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.p1KLv0VxJWw.L.B1.O/am=gPEAIA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgJGjM6JW0oMvrmAsblSrlGdhTbZw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e4d6d507dd7285a57eae0f9c61fe443a033109fbc1639549205254f63e2d280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13567
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:27:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 16:18:55 GMT

POST
H3 200 log Show response
play.google.com/ Frame 66B7 131 B
155 B 48ms
47ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 46ms
45ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 66B7 131 B
155 B 49ms
49ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 46ms
46ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 66B7 131 B
155 B 50ms
49ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 46ms
46ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 66B7 131 B
155 B 50ms
49ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 46ms
46ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 66B7 131 B
155 B 51ms
51ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 46ms
45ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 66B7 131 B
155 B 67ms
66ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 46ms
45ms Preflight
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 05 Apr 2023 11:39:29 GMT
expires: Wed, 05 Apr 2023 11:39:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 186ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769259431
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769259229
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 186ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769260009
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769259758
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 97C4 0
273 B 185ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0473657670c4d34acb7c43e42d7f61c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 05 Apr 2023 11:39:29 GMT
x-stripe-server-envoy-start-time-us: 1680694769268589
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680694769268281
access-control-allow-credentials: true
content-length: 0

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 109ms
109ms Image
image/gif 3.216.210.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=2585518562755356&v=2637740109079207&s=614757097209298&b=web&tv=4.0&sp=ts&sp=1680694767502&sp=d&sp=donate.zakatelaviv.org&sp=h&sp=%2Fgive%2F299891%2F&sp=q&sp=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&pp=d&pp=donate.zakatelaviv.org&pp=q&pp=%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY&pp=h&pp=%2Fgive%2F299891%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&pp=t&pp=Zaka%20Tel-Aviv%20Fund&pp=ts&pp=1680694767502&id0=6809113170066537&k0=environment&k0=prod&k0=organization_id&k0=70265&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=299891&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1680694769.512236864053&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1680694769181&st=1680694769181

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.210.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-210-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 11:39:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H3 200 log Show response
play.google.com/ Frame 66B7 131 B
155 B 49ms
49ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 11:39:29 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 13ms
12ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=donate.zakatelaviv.org&t=xo&v=5.0.361&source=payments_sdk&mrid=PXM7CVAH7R4KW&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&vault=false

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d90523df89da77e651693de725cc36a11c87df765f2a0799af74cd6bbd905fe5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6/g4MpTCxgF0i4LG0ElfSs/yY5sXeDqvAzN3cIzNOcO1qzUm' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6/g4MpTCxgF0i4LG0ElfSs/yY5sXeDqvAzN3cIzNOcO1qzUm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 72312
x-cache: HIT, MISS
paypal-debug-id: f892049101a27
server-timing: "traceparent;desc="00-0000000000000000000f892049101a27-7186b97e60a6f661-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4778
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220067-HHN, cache-fra-eddf8230127-FRA
traceparent: 00-0000000000000000000f892049101a27-fca895e7ad58140d-01
x-timer: S1680694770.538049,VS0,VE3
etag: W/"3573-RNRFAA1rI6AQ3dBT4yfEOee6L2M"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 7, 0

GET
H2 200 js Show response
www.paypal.com/sdk/ 269 KB
75 KB 11ms
11ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21a117053b503a13d2f88587ccc179d5de1c402e69716e30f8fd274f69722179

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-MNXAewdU+YUrKUtBqnBaTlV3gbEd8PgXb+CV/T7P2TJrK3E1' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MNXAewdU+YUrKUtBqnBaTlV3gbEd8PgXb+CV/T7P2TJrK3E1' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-MNXAewdU+YUrKUtBqnBaTlV3gbEd8PgXb+CV/T7P2TJrK3E1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MNXAewdU+YUrKUtBqnBaTlV3gbEd8PgXb+CV/T7P2TJrK3E1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2302
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f171428d76f9f
server-timing: "traceparent;desc="00-0000000000000000000f171428d76f9f-4b4c57e8494344f2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 75126
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220046-HHN, cache-fra-eddf8230127-FRA
traceparent: 00-0000000000000000000f171428d76f9f-8fc46b4ae6e11090-01
x-timer: S1680694770.539397,VS0,VE3
etag: W/"12576-5ObQlTwJQhIgZLI40lO6ivH/VUA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 21, 1

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 50ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: a33c7ff38115d
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-0000000000000000000a33c7ff38115d-86687a114db77e2b-01
etag: "6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 05 Apr 2023 12:39:29 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
852 B 220ms
184ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3APXM7CVAH7R4KW-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3APXM7CVAH7R4KW-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=925698d2-f0f4-4b54-92e5-219aae85dd43&fltp=analytics&mrid=PXM7CVAH7R4KW&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1680694769551&g=0&completeurl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Wed, 05 Apr 2023 11:39:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: fa92d66192fe6
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn-etou8220079-HHN, cache-fra-eddf8230097-FRA
pragma: no-cache
traceparent: 00-0000000000000000000fa92d66192fe6-ed2889a38c5651da-01
x-timer: S1680694770.590461,VS0,VE177
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 11:39:29 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 11ms
11ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=donate.zakatelaviv.org&t=xo&v=5.0.361&source=payments_sdk&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&vault=true

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-exx2XWDyXFzahwvXExd1wPp/yNbpeQmAbJMnCoZpcHDWkU/R' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-exx2XWDyXFzahwvXExd1wPp/yNbpeQmAbJMnCoZpcHDWkU/R' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1697
x-cache: HIT, MISS
paypal-debug-id: f45120452e9f4
server-timing: "traceparent;desc="00-0000000000000000000f45120452e9f4-fa3d85ecb673de69-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220072-HHN, cache-fra-eddf8230127-FRA
traceparent: 00-0000000000000000000f45120452e9f4-9b4510b30ed62417-01
x-timer: S1680694770.572152,VS0,VE4
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 0061 377 KB
137 KB 365ms
364ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPVBYTTdDVkFIN1I0S1cmY29tbWl0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9maHZibXdyam1vaHRqbmZyZHh3aWVtcmxwdmltcG4ifX0&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f5361948cd3f8&storageID=uid_25caba5952_mte6mzk6mjk&sessionID=uid_2832ed6172_mte6mzk6mjk&buttonSessionID=uid_191be9d297_mte6mzk6mjk&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&merchantID.0=PXM7CVAH7R4KW&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=PXM7CVAH7R4KW&commit=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c1ad25a9261ab7fade3a63591b01b9a835414e4815bdafb7dada01463522f781

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:29 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5e32c-tPlimQPb8t3gEjMZfRLx2bnxdO8"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f858291db80bb
server-timing: "traceparent;desc="00-0000000000000000000f858291db80bb-41f45c0e2b619113-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f858291db80bb-2ac6e3c2e099dc79-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn-etou8220073-HHN, cache-fra-eddf8230127-FRA
x-timer: S1680694770.634279,VS0,VE357
x-xss-protection: 1; mode=block

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame B655 377 KB
136 KB 380ms
379ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3872db9e633f8718f1f3d0147577d92da390b343f3b31cd0cf297c82376f35f

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 11:39:30 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5e2df-tZ1rtfGzGNy3DwkYLScE4Bf6vcE"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f85829165c3c3
server-timing: "traceparent;desc="00-0000000000000000000f85829165c3c3-e49ae2d33e39e423-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f85829165c3c3-55aabff9ca772e94-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn-etou8220033-HHN, cache-fra-eddf8230127-FRA
x-timer: S1680694770.672858,VS0,VE372
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.6/ Frame 6A70 3 KB
1 KB 8ms
7ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.6/paypal-blue.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CAE) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 29bd88d728712
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 07 Mar 2023 16:08:03 GMT
server: ECAcc (frc/4CAE)
traceparent: 00-000000000000000000029bd88d728712-ece19032310d9b08-01
etag: W/"64076163-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 05 Apr 2023 12:39:29 GMT

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.6/ Frame 4D1B 3 KB
1 KB 10ms
9ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.6/paypal-blue.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CAE) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 29bd88d728712
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 07 Mar 2023 16:08:03 GMT
server: ECAcc (frc/4CAE)
traceparent: 00-000000000000000000029bd88d728712-ece19032310d9b08-01
etag: W/"64076163-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 05 Apr 2023 12:39:29 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1015 B
2 KB 175ms
175ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3de776132149a43cf26d3cdc2051f7d66459be0572120ebb9ea1dd918d75ebb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:30 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f858291092b27
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220043-HHN, cache-fra-eddf8230111-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f858291092b27-2a2cbe72c8349f7e-01
x-timer: S1680694770.887360,VS0,VE168
etag: W/"3f7-yB28SNmzCZdcQ4VXAiL6iRDaydY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://donate.zakatelaviv.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 211ms
197ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://donate.zakatelaviv.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://donate.zakatelaviv.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 05 Apr 2023 11:39:29 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f858291aa2a89
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f858291aa2a89-45f1ac36ab6beb41-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220020-HHN, cache-fra-eddf8230111-FRA
x-timer: S1680694770.689736,VS0,VE189

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1015 B
2 KB 196ms
196ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

83523559d439330ce0e4144e2fd4e3990fce46fdc4c013e5460863d44685ff93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://donate.zakatelaviv.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:30 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f858291c1bb59
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220028-HHN, cache-fra-eddf8230111-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f858291c1bb59-dc432cd25547e467-01
x-timer: S1680694770.910689,VS0,VE189
etag: W/"3f7-qa+wklDHL+iz1o60n8odmMaxPrQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://donate.zakatelaviv.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 230ms
220ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://donate.zakatelaviv.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://donate.zakatelaviv.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 05 Apr 2023 11:39:29 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f8582917406e7
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f8582917406e7-c9a432dd75bbe44f-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220045-HHN, cache-fra-eddf8230111-FRA
x-timer: S1680694770.689893,VS0,VE212

GET
H2 200 ts
t.paypal.com/ 42 B
541 B 171ms
171ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1680694769689&g=0&completeurl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Wed, 05 Apr 2023 11:39:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: be8265800ba19
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-hhn-etou8220049-HHN, cache-fra-eddf8230097-FRA
pragma: no-cache
correlation-id: be8265800ba19
traceparent: 00-0000000000000000000be8265800ba19-a85dbe87537930cb-01
x-timer: S1680694770.693027,VS0,VE164
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 11:39:29 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 2B44 54 KB
17 KB 7ms
7ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.zakatelaviv.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Wed, 05 Apr 2023 11:39:29 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Wed, 05 Apr 2023 12:39:29 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 5fb98b935e08b
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000005fb98b935e08b-4586d0e74203c3c7-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 ts
t.paypal.com/ 42 B
498 B 168ms
167ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3APXM7CVAH7R4KW-1&page=muse%3Aoffer%3A%3A%3APXM7CVAH7R4KW-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=925698d2-f0f4-4b54-92e5-219aae85dd43&es=visitorInfoFlowStarted&mrid=PXM7CVAH7R4KW&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20to%20Zaka%20Tel-Aviv%20Fund&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1680694769731&g=0&completeurl=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Wed, 05 Apr 2023 11:39:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b7abcef377945
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn-etou8220040-HHN, cache-fra-eddf8230097-FRA
pragma: no-cache
traceparent: 00-0000000000000000000b7abcef377945-ab4bc69021630c1b-01
x-timer: S1680694770.734586,VS0,VE161
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 11:39:29 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 2B44 435 B
2 KB 275ms
274ms Fetch
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6457b321dee49b503f859e8afacd6c7e75379c6592c86c44046693bb89a2e911

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-M+cxu1lXw/8Iq5cnzayanyP2OYHoPlkN6lPt38vP2cvguSjw' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-M+cxu1lXw/8Iq5cnzayanyP2OYHoPlkN6lPt38vP2cvguSjw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Wed, 05 Apr 2023 11:39:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f858291bf79a4
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220069-HHN, cache-fra-eddf8230127-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f858291bf79a4-8959aeed631a2d1a-01
x-timer: S1680694770.910857,VS0,VE266
etag: W/"1b3-6T45l1QUb0Y/Jixl5VXSsQYplZY"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 172ms
171ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 05 Apr 2023 11:39:29 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f8582917be6a0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f8582917be6a0-0273c6637ccffadb-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-hhn-etou8220041-HHN, cache-fra-eddf8230111-FRA
x-timer: S1680694770.736858,VS0,VE165

GET
DATA 200
OK truncated
/ Frame 0061 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B655 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 0061 270 KB
75 KB 9ms
8ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPVBYTTdDVkFIN1I0S1cmY29tbWl0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9maHZibXdyam1vaHRqbmZyZHh3aWVtcmxwdmltcG4ifX0&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f5361948cd3f8&storageID=uid_25caba5952_mte6mzk6mjk&sessionID=uid_2832ed6172_mte6mzk6mjk&buttonSessionID=uid_191be9d297_mte6mzk6mjk&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&merchantID.0=PXM7CVAH7R4KW&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

65b1cbc4190713aaa50170df0131a17abfd594469691eec7d1ad254c11511106

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-M+A5w6eZ12DamKHX3HBnUmUIh/qENAOdHzHdi/es7DOE5kkl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-M+A5w6eZ12DamKHX3HBnUmUIh/qENAOdHzHdi/es7DOE5kkl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPVBYTTdDVkFIN1I0S1cmY29tbWl0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9maHZibXdyam1vaHRqbmZyZHh3aWVtcmxwdmltcG4ifX0&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f5361948cd3f8&storageID=uid_25caba5952_mte6mzk6mjk&sessionID=uid_2832ed6172_mte6mzk6mjk&buttonSessionID=uid_191be9d297_mte6mzk6mjk&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&merchantID.0=PXM7CVAH7R4KW&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-M+A5w6eZ12DamKHX3HBnUmUIh/qENAOdHzHdi/es7DOE5kkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-M+A5w6eZ12DamKHX3HBnUmUIh/qENAOdHzHdi/es7DOE5kkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:30 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: MISS, HIT
p3p: true
paypal-debug-id: f963293fc37f8
server-timing: "traceparent;desc="00-0000000000000000000f963293fc37f8-919a98bf933b00f3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 75244
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220041-HHN, cache-fra-eddf8230127-FRA
traceparent: 00-0000000000000000000f963293fc37f8-1ba7e499b4a2aec5-01
x-timer: S1680694770.133302,VS0,VE1
etag: W/"125ec-7CvS4WG8Dk0g3RcDfvUfYj+F8yQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame B655 269 KB
75 KB 9ms
9ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21a117053b503a13d2f88587ccc179d5de1c402e69716e30f8fd274f69722179

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-MNXAewdU+YUrKUtBqnBaTlV3gbEd8PgXb+CV/T7P2TJrK3E1' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MNXAewdU+YUrKUtBqnBaTlV3gbEd8PgXb+CV/T7P2TJrK3E1' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-MNXAewdU+YUrKUtBqnBaTlV3gbEd8PgXb+CV/T7P2TJrK3E1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MNXAewdU+YUrKUtBqnBaTlV3gbEd8PgXb+CV/T7P2TJrK3E1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:30 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2303
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f171428d76f9f
server-timing: "traceparent;desc="00-0000000000000000000f171428d76f9f-4b4c57e8494344f2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 75126
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220046-HHN, cache-fra-eddf8230127-FRA
traceparent: 00-0000000000000000000f171428d76f9f-8fc46b4ae6e11090-01
x-timer: S1680694770.186678,VS0,VE1
etag: W/"12576-5ObQlTwJQhIgZLI40lO6ivH/VUA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 21, 2

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 0061 59 KB
20 KB 72ms
10ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 4, 1, 2485583
date: Wed, 05 Apr 2023 11:39:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5494297
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230111-FRA
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1680694771.748659,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 11:39:30 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame B655 59 KB
21 KB 18ms
8ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 4, 1, 2485583
date: Wed, 05 Apr 2023 11:39:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5494297
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230111-FRA
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1680694771.748339,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 11:39:30 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0061 1005 B
2 KB 220ms
217ms Ping
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fb81b310e36a377fca0ac4e36f9e199b013aa086552ff9c234120b8260567b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPVBYTTdDVkFIN1I0S1cmY29tbWl0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9maHZibXdyam1vaHRqbmZyZHh3aWVtcmxwdmltcG4ifX0&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f5361948cd3f8&storageID=uid_25caba5952_mte6mzk6mjk&sessionID=uid_2832ed6172_mte6mzk6mjk&buttonSessionID=uid_191be9d297_mte6mzk6mjk&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&merchantID.0=PXM7CVAH7R4KW&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:30 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f78770973d048
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220076-HHN, cache-fra-eddf8230127-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f78770973d048-0312de2969fc35b0-01
x-timer: S1680694771.754913,VS0,VE210
etag: W/"3ed-zCjBh78RazHE/192CLLiIUIAhxE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 301F 160 B
1 KB 171ms
170ms Document
text/html 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: bf47f3fcb0ac2
date: Wed, 05 Apr 2023 11:39:30 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: bf47f3fcb0ac2
server-timing: "traceparent;desc="00-0000000000000000000bf47f3fcb0ac2-3b95c98c780e7018-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000bf47f3fcb0ac2-17aa8da7c1b10b23-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220058-HHN, cache-fra-eddf8230111-FRA
x-timer: S1680694771.778235,VS0,VE164
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame C986
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_659c564359_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_659c564359_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS

42 B
299 B

113ms
36ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_659c564359_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 11:39:30 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_659c564359_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS
Date: Wed, 05 Apr 2023 11:39:30 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame E752 160 B
1 KB 189ms
188ms Document
text/html 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 65a2e473e127
date: Wed, 05 Apr 2023 11:39:30 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 65a2e473e127
server-timing: "traceparent;desc="00-0000000000000000000065a2e473e127-c1ad25d6b30a3aea-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000065a2e473e127-d3ae7ef4063cd0c6-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220049-HHN, cache-fra-eddf8230111-FRA
x-timer: S1680694771.787423,VS0,VE182
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 4A19
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_2832ed6172_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_2832ed6172_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS

42 B
299 B

116ms
38ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_2832ed6172_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPVBYTTdDVkFIN1I0S1cmY29tbWl0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9maHZibXdyam1vaHRqbmZyZHh3aWVtcmxwdmltcG4ifX0&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f5361948cd3f8&storageID=uid_25caba5952_mte6mzk6mjk&sessionID=uid_2832ed6172_mte6mzk6mjk&buttonSessionID=uid_191be9d297_mte6mzk6mjk&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&merchantID.0=PXM7CVAH7R4KW&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 11:39:30 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_2832ed6172_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS
Date: Wed, 05 Apr 2023 11:39:30 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame B655 1016 B
1 KB 222ms
221ms Ping
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f548e107f7cbf214467c52fa7c49d3983fb1f8bebe47414386691ff15268ac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f78770997a93a
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220022-HHN, cache-fra-eddf8230127-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f78770997a93a-eb85dc1a08bc872e-01
x-timer: S1680694771.805333,VS0,VE214
etag: W/"3f8-u/osa5Bq02nQZC9V0thrJHcksy4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 301F 59 KB
21 KB 8ms
7ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 4, 1, 2485584
date: Wed, 05 Apr 2023 11:39:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5494297
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230111-FRA
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1680694771.958285,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 11:39:30 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 301F 125 B
1 KB 190ms
190ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d3c79547ef4a988feeb5dfd96fbe817c0e9f651db1d14104ad94f82bbf947e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: e9449f1059705
server-timing: "traceparent;desc="00-0000000000000000000e9449f1059705-e7eaf7e9ab155460-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-hhn-etou8220064-HHN, cache-fra-eddf8230111-FRA
correlation-id: e9449f1059705
traceparent: 00-0000000000000000000e9449f1059705-d4879363c3a1c8cd-01
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 301F 0
346 B 294ms
294ms XHR
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 3392fb1dddf3d
server-timing: "traceparent;desc="00-00000000000000000003392fb1dddf3d-482b8c62b7f33272-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-hhn-etou8220027-HHN, cache-fra-eddf8230111-FRA
correlation-id: 3392fb1dddf3d
traceparent: 00-00000000000000000003392fb1dddf3d-18fd49c3f521dc69-01
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 301F 0
322 B 214ms
187ms Image
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_659c564359_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 1519abd452edf
server-timing: "traceparent;desc="00-00000000000000000001519abd452edf-4446456dcfec6615-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-hhn-etou8220049-HHN, cache-fra-eddf8230111-FRA
correlation-id: 1519abd452edf
traceparent: 00-00000000000000000001519abd452edf-6f35dc758cf9e41b-01
x-timer: S1680694771.009052,VS0,VE180
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame E752 59 KB
21 KB 8ms
8ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 4, 1, 2485585
date: Wed, 05 Apr 2023 11:39:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5494297
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230111-FRA
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1680694771.986786,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 11:39:30 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame E752 125 B
744 B 186ms
185ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2ed0c60cea4a3c8616ca2b98958e5bcbd6af5d43de6c393d08f8cb8041dd79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: d6c64a17899c3
server-timing: "traceparent;desc="00-0000000000000000000d6c64a17899c3-5a87b27f200495c0-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-hhn-etou8220045-HHN, cache-fra-eddf8230111-FRA
correlation-id: d6c64a17899c3
traceparent: 00-0000000000000000000d6c64a17899c3-cc80000968b7b395-01
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame E752 0
268 B 167ms
167ms XHR
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: b3db0485ca46a
server-timing: "traceparent;desc="00-0000000000000000000b3db0485ca46a-6f18564a2d403e4f-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-hhn-etou8220054-HHN, cache-fra-eddf8230111-FRA
correlation-id: b3db0485ca46a
traceparent: 00-0000000000000000000b3db0485ca46a-3fa74879feba4856-01
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame E752 0
219 B 186ms
182ms Image
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_2832ed6172_mte6mzk6mjk&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 82efe247cbb61
server-timing: "traceparent;desc="00-000000000000000000082efe247cbb61-427c976a7887e329-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-hhn-etou8220045-HHN, cache-fra-eddf8230111-FRA
correlation-id: 82efe247cbb61
traceparent: 00-000000000000000000082efe247cbb61-f95dc8904e3bf269-01
x-timer: S1680694771.009040,VS0,VE175
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame B655 1013 B
2 KB 216ms
215ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edd7898471f839d71da816595eeecbdb5f77fe0544fe5527ff08fbfb4881b6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=01595a76a7719&storageID=uid_1dcc70d3f5_mte6mzk6mjk&sessionID=uid_659c564359_mte6mzk6mjk&buttonSessionID=uid_58dae6bfd4_mte6mzk6mjk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f787709b043d8
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220036-HHN, cache-fra-eddf8230127-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f787709b043d8-dfbd631208bc116e-01
x-timer: S1680694771.025842,VS0,VE208
etag: W/"3f5-p581MnUkSfAZctSNkAat/gekeKI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 0061 1015 B
1 KB 211ms
210ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c7e7762ee1b12c14212c84532fd36af33ebe2ab025bd339e66d8ceaa8b59df69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPVBYTTdDVkFIN1I0S1cmY29tbWl0PXRydWUiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9maHZibXdyam1vaHRqbmZyZHh3aWVtcmxwdmltcG4ifX0&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f5361948cd3f8&storageID=uid_25caba5952_mte6mzk6mjk&sessionID=uid_2832ed6172_mte6mzk6mjk&buttonSessionID=uid_191be9d297_mte6mzk6mjk&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&merchantID.0=PXM7CVAH7R4KW&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Wed, 05 Apr 2023 11:39:31 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f787709148e11
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220053-HHN, cache-fra-eddf8230127-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f787709148e11-0df0ec39381f9584-01
x-timer: S1680694771.055335,VS0,VE203
etag: W/"3f7-f2EXhP8JUDylFhB0m/djCJKkD5A"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
422 B 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: donate.zakatelaviv.org
URL: https://donate.zakatelaviv.org/give/299891/?_kx=bLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.zakatelaviv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 11:39:33 GMT
via: 1.1 varnish
age: 12324858
x-cache: HIT
content-length: 209
x-request-id: 0550a893-535d-4b33-a288-ad47c12ff76f
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 732

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
donate.zakatelaviv.org/	1970-01-20 20:27:34	Name: connect.sid Value: s%3A6hvM7G4zAS0E8TlupQMyTEkkEZX6vErl.K2tedXGP8jtVJtMi2%2BWQJKKS%2FUQqlkDJrR8gdJ0QbvU
.donate.zakatelaviv.org/	1970-01-20 10:51:36	Name: __cf_bm Value: XNOW2RBNGF8UlxKvB9g3K3v0jf15X9pb.JY9RInYchw-1680694766-0-Abqw/V2NLdHM84cP4fbeSkYlPHXPExTYfAgSlgDTPd9TJDDTrcnDaFuy/DLm88jBQGJqk/8C6qXjXZ/lZEasAYI=
.donate.zakatelaviv.org/	1969-12-31 23:59:59	Name: __cfruid Value: 33938cb9a198bd5535eb62f83921a7ee606d9461-1680694766
.classy.org/	1970-01-20 10:51:36	Name: __cf_bm Value: A6CrhTmureMDibFQNMfb4GX8I5aXZZicditNfwG4qiA-1680694766-0-Af3sMWUJGREAJJOzauzNqeicmjr8IM5a5jYvZv8zm+zo8SjQDftHG+FYfarmQ9wwrey62hv/5fVCw8iEaTSrMFo=
.zakatelaviv.org/	1970-01-20 20:27:34	Name: _ga Value: GA1.2.518399758.1680694767
.zakatelaviv.org/	1970-01-20 10:53:01	Name: _gid Value: GA1.2.1297507430.1680694767
.zakatelaviv.org/	1970-01-20 20:19:32	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%222585518562755356%22%2C%22pageviewId%22%3A%222637740109079207%22%2C%22sessionId%22%3A%22614757097209298%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
donate.zakatelaviv.org/	1970-01-20 11:11:44	Name: c_src Value: %7B%22299891%22%3A%5B%7B%22c_src%22%3A%22PASSOVER%22%2C%22referrer%22%3A%22%22%2C%22timestamp%22%3A1680694767572%7D%5D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -bpwMWiF-rg
.youtube.com/	1970-01-20 15:10:46	Name: VISITOR_INFO1_LIVE Value: MHKiozdOGn8
.zakatelaviv.org/	1970-01-20 10:51:34	Name: _gat_classyTrack Value: 1
.zakatelaviv.org/	1970-01-20 20:19:32	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A70265%2C%22payment_processor%22%3A%22Authorize.net%22%2C%22campaign%22%3A299891%2C%22campaign_type%22%3A%22donation%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.zakatelaviv.org/	1970-01-20 10:51:36	Name: _hp2_ses_props.1566116007 Value: %7B%22ts%22%3A1680694767502%2C%22d%22%3A%22donate.zakatelaviv.org%22%2C%22h%22%3A%22%2Fgive%2F299891%2F%22%2C%22q%22%3A%22%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER%22%7D
.donate.zakatelaviv.org/	1970-01-20 19:37:10	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fdonate.zakatelaviv.org%2Fgive%2F299891%2F%3F_kx%3DbLi_-VPlfpBG7vx3zk2yyR4uQEkuKBFzdWwbrj4dc9HWW0E5UwSDzpF-rgOxYX1C.R7NmfY%23!%2Fdonation%2Fcheckout%3Famount%3D150%26preset1%3D50%26preset2%3D150%26preset3%3D500%26preset4%3D2500%26currency%3DUSD%26c_src%3DPASSOVER&datestamp=Wed+Apr+05+2023+11%3A39%3A28+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
donate.zakatelaviv.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: aJ6o0kkN-ES4Wp8Yb4Q-xKsVx08qlANpAGvk
donate.zakatelaviv.org/	1970-01-20 10:51:35	Name: XSRF-TOKEN Value: eyJpdiI6InpKRkpGeDN2SnZDeG1ZMG5HcTRQYUE9PSIsInZhbHVlIjoiOTJVcndDcytDU0xPUFNMeXowemdUYWRxK2ozXC9XUk94dU5adUZCUkp0OU9pQjM2djJwMDhLeVQwYUtaY1R2dXVyQnZlQVN3b1g3N2kzOFZVSDNwQW90ZXM4SjRjMjRKbkozQUY3NUNQclcySnZKWCtxYjJCSlU0ZldOd3dEeCtnIiwibWFjIjoiM2U3NzVhYzg3OGYxOTRmNGFiOTc2MDA3OWZkZGM4MGQ1NGJhODFhZjk3YzlhNWIxNWI5YThlNjU5YmI4NTYxZCJ9
donate.zakatelaviv.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IlYzZTNIZWNIS2tKcFBXU1ZNQWtjNUE9PSIsInZhbHVlIjoiaW1HNmdqV1FcLzNjK3I4dncyNlwvbG1hb1ZGVk9senlMd28yTWk0M3ArWklqZ0J3NXh2ZlwvM1BGNnNxMmVDSjdJNVJWY2p1TDVUb2pISVZoVW50eGo2bE9BZ3dQdHZWRzhBQXdnRndubGxPWkxwRko3QmNRMUFyXC9IdDFLTVRnVTRmIiwibWFjIjoiZGFmYmYzZWU1NDYyZDIxNTI1YjBmOWUzNGZjYmRlODA2ODA4ZDI2N2VmNzc3OTFiNTY3ZTUyNmVkYjliYTk4OSJ9
.google.com/	1970-01-20 15:15:05	Name: NID Value: 511=hjBxXszNNFkOBXLpgdzeH99WNjmkYDuuk3Su8nP3zNetgdmNfzPfSGLKV60E1gWvLGWVdnMJdmsGH0CIqM4z6vlSgSWdX0fAcVrDJowq3vwGgemsMCcFiBmld40XWI0nmOFzWp_vGnsAkw2qRvMbFsOfme_wze3lDKBABTwiDgo
m.stripe.com/	1970-01-20 20:27:34	Name: m Value: ce172881-ff9e-494c-bb5b-71af012ff085f2a43d
.donate.zakatelaviv.org/	1970-01-20 19:37:10	Name: __stripe_mid Value: 27ee9113-aeaa-4e8d-93d2-26c98625ed4a660552
.donate.zakatelaviv.org/	1970-01-20 10:51:36	Name: __stripe_sid Value: 6b63bf45-1901-42c2-8507-44b3c92db13d6ecf5e
.paypal.com/	1970-01-20 19:37:10	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 10:52:06	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AZl0-FQipXrUlrGs6kctwG3J3GYAUoMyb.LydWirBV4F30aWkW8QfphhvhbvxyIaQDDVoJbNyjbCY
.paypal.com/	1970-01-20 10:51:36	Name: l7_az Value: dcg02.phx
.paypalobjects.com/	1970-01-20 10:53:01	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 10:55:53	Name: tsrce Value: loggernodeweb
.c.paypal.com/	1970-01-20 20:27:34	Name: sc_f Value: H3BxeMtcPC7uJhhBwtGzBSm8bCA1ca9oS7bF8YpBM22UF13uZDj7fEC9JyQ5KQ1v3Dmw7MVu46YNx8exkxpKOQO6ALWMxUYM3b2dYW
.paypal.com/	1970-01-20 20:27:34	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: zh6b_qRzFoXxfYmeM0TPvyaEWI89pKBeD-JoLRdKiItOQ50sOrIgitJeT0oidz0CUewHx3BVB_rDBo3W
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4MDY5NDc3MTE3MSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 20:27:34	Name: ts Value: vreXpYrS%3D1775389171%26vteXpYrS%3D1680696571%26vr%3D5136fcd31870ad009987ca35f9ed08f6%26vt%3D5136fcd31870ad009987ca35f9ed08f5%26vtyp%3Dnew
.paypal.com/	1970-01-20 20:27:34	Name: ts_c Value: vr%3D5136fcd31870ad009987ca35f9ed08f6%26vt%3D5136fcd31870ad009987ca35f9ed08f5

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
b.stats.paypal.com
bam.nr-data.net
c.paypal.com
c6.paypal.com
cdn.heapanalytics.com
cdn.plaid.com
code.jquery.com
donate.zakatelaviv.org
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
heapanalytics.com
htp.tokenex.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
sessions.bugsnag.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
t.paypal.com
trk.klclick1.com
unpkg.com
www.google-analytics.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
104.244.42.136
13.32.121.98
13.32.27.116
151.101.129.21
151.101.129.35
151.101.130.137
151.101.192.176
151.101.193.35
162.247.243.29
192.229.221.25
2001:4de0:ac18::1:a:1b
2600:1901:0:7a0b::
2600:9000:2251:a400:18:359:ab80:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:4400::ac40:9062
2606:4700::6810:3865
2606:4700::6810:7daf
2606:4700::6812:7115
2606:4700::6812:843c
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c07::9d
2a00:1450:400c:c09::5c
3.216.210.35
34.252.74.21
52.143.247.24
52.43.190.165
54.187.159.182
64.4.245.84
005ff4910da9715c20b25351f3ec257c7cd86fc43e8982073ab4b850d0d2a863
02b468f1d9aa69c9db4526f9abfb7c58fabb6a39b3bbee433efaff9db35c9396
032d330855ca65fca5eedd4c0d9e4074a73c4a74bca151c2465f8d7ff47078ef
06e6c9207fbe9da61d03ef9f6eb3222e8d214736bb0b59b53e2e3ab4caa0a0a7
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477
090187fca3feee753fb47b4432fdf40fe3bab4db78d62c3d94f56e547b97f35e
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8
0fcb318dda14e51adf628a0939c75620a7abd1dbb7f198d3327f95a159a0b061
1b5db7f90efd69ba636cf5cf2c80c8139472981607a54bfa4e51af32e0ed94d5
1e4d6d507dd7285a57eae0f9c61fe443a033109fbc1639549205254f63e2d280
21a117053b503a13d2f88587ccc179d5de1c402e69716e30f8fd274f69722179
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2df6f5d8fed6f48a3b92a08774e2b6e41468e28cb620c0a795b589b7cef2ac19
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3cea09dd00d8790cbd49628dc37ab64666a6077383ca99af4cbcd123d2a4e41a
3de776132149a43cf26d3cdc2051f7d66459be0572120ebb9ea1dd918d75ebb9
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4587917406d2457e15a089f00663a7175a294975e799087282d160710751e0d6
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b0b2f42f76654d010efb75faffe48ae712e1532c65460bfe09c0ebe55723c34
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51329ab2f212ec58b2808047a6e5b5b3f7bf525d4a04143f60e20354f7d8877a
51c0a4b5ec7156153403c2af284870c3eb38058bcceb2f7b979d6f07978d5ff7
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6457b321dee49b503f859e8afacd6c7e75379c6592c86c44046693bb89a2e911
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
64f54734a54457e203911b07532988b4dfcd5096554c9e3d32a3691dfa3672f8
65b1cbc4190713aaa50170df0131a17abfd594469691eec7d1ad254c11511106
65b9b932dd95ef6196e2422ef7749dd106724799f18daada01b44cc26e024a39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
718f55ec5165c4f26ef3abddd8bc6ad24926e1378d443574c5789971d6374999
73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269
74f356da9a3e5facc93ba03a6e1847ef794971837df44d58c8baecaf7cfb049f
774e637e100ab57dd4fc780c397abd31892f4b3f4cd70249b6c2bc11e11b23c2
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
7f4870d3d781adf3fa0e339a238eb2c592b8ae1a524e6503dc6f27076cd43f02
802148ca10ceb4570292e087cb2ecb1151e858bf7d5e37079e0784d6118908f7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83523559d439330ce0e4144e2fd4e3990fce46fdc4c013e5460863d44685ff93
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391
85abc988732d2ff3b9ebd67b4efe8da81f8e56d9b6088a1fb379cd68536aa2eb
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7
8d3c79547ef4a988feeb5dfd96fbe817c0e9f651db1d14104ad94f82bbf947e9
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8fb81b310e36a377fca0ac4e36f9e199b013aa086552ff9c234120b8260567b0
8ff9548079c7494f8627d7f8bec0497bf00ae249ffde2da7e0e7b3ae00f51bb2
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9655b684b5d0bf382b59d60188dd0419b745955ac68c28ee89a7e0749c8d9830
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
9a0bdd1ae4ee32d4baae9d67a408487db873a859d0c39adfb05b45b755f2037b
9be1c4a124bd4f7c741ba291fd52374732675fab53349d5249a496d9f77c88d2
9d6e591d92a24fd320dc58bed706a0ae674dc91c5c9effd5470e48694252fa41
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d
a2ed0c60cea4a3c8616ca2b98958e5bcbd6af5d43de6c393d08f8cb8041dd79a
a39c7130747e5795889aa3ee603173b357eb0deade0252622413c78ddbe00350
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4e38479b204200e3ba25fdbddd80efbbb6b979441ea39bc3e55e3791bf5c408
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542
a4f03677f716f1db373f1c115b0199d7d777dd90634465e8e9de07ada8d96036
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a8759d17dc72389ef152c5cb6d0048aac801ad400e3262b6f7e60b040b914d0a
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
ba4a8e6c3bd2e718298e1ab8e03c03f9c4f977164ce9ec719d54402b3f65ac41
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1ad25a9261ab7fade3a63591b01b9a835414e4815bdafb7dada01463522f781
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c73ead9b26c5ee517977a81ccc7ec6e733358351761ce4ff01633bc99fbdd153
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c7e7762ee1b12c14212c84532fd36af33ebe2ab025bd339e66d8ceaa8b59df69
c9d5d388649117caf4229e65edbf884be9f45e78259fb042e60ad1c112612b9c
cbc1566ee11605f90eb9007374832de5b995286c6bf81dc115830e591a4868c8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780
d12edf79a333c20b2ffdc2abfa2168c88d6105e2073cce1bee3b962191ea38f8
d3872db9e633f8718f1f3d0147577d92da390b343f3b31cd0cf297c82376f35f
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d90523df89da77e651693de725cc36a11c87df765f2a0799af74cd6bbd905fe5
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
e2ffb134a86372e2c72d74a4da0d5b1535e8ec68ce9eb4f75294846050d8d029
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e796c07297d30e6b628a9bc2472ecaa55c168015e4d35411d21c6accc51fd355
ed67da44d3a15173b9e84aaaf2e5562798c5de8c90a810c0080cfbb9f0ab4a41
edd7898471f839d71da816595eeecbdb5f77fe0544fe5527ff08fbfb4881b6b7
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
f10c9d182cac547df1e828abc27be4d7d2184f23383e1f2337322ca8b77155cc
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4e4992a349487807e6aefae26cff7b2e9f7161f416a63b18a6aa97ca509570a
f4ebaa46cb7fd434b788ac85a1164d3c4bdcf992706fe83de8821a35015e2a6e
f548e107f7cbf214467c52fa7c49d3983fb1f8bebe47414386691ff15268ac64
f91bddfbfe67aedfd5e461755fc279e522df0666ca853c42a0a6e917b327e2b8
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

donate.zakatelaviv.org Open in urlscan Pro 2606:4700::6812:843c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

243 Requests

99 %HTTPS

52 %IPv6

24 Domains

39 Subdomains

33 IPs

5 Countries

4575 kBTransfer

15019 kBSize

32 Cookies

7 Outgoing links

Page URL History

Redirected requests

243 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donate.zakatelaviv.org Open in urlscan Pro
2606:4700::6812:843c Public Scan

Screenshot
Live screenshot

Full Image

243
Requests

99 %
HTTPS

52 %
IPv6

24
Domains

39
Subdomains

33
IPs

5
Countries

4575 kB
Transfer

15019 kB
Size

32
Cookies

243 HTTP transactions
2 data transactions