help-now.safe.org.nz Open in urlscan Pro
2a09:8280:1:9169:525:6faf:8a6f:9ab1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://help-now.safe.org.nz/
Submission: On September 19 via automatic, source certstream-suspicious (September 19th 2022, 2:48:30 am UTC) — Scanned from DE

Summary HTTP 213 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 213 HTTP transactions. The main IP is 2a09:8280:1:9169:525:6faf:8a6f:9ab1, located in United States and belongs to FLY, US. The main domain is help-now.safe.org.nz.
TLS certificate: Issued by R3 on September 19th 2022. Valid for: 3 months.

This is the only time help-now.safe.org.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a09:8280:1:9... 2a09:8280:1:9169:525:6faf:8a6f:9ab1	40509 (FLY) (FLY)
29	2606:4700:10:... 2606:4700:10::ac43:76c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
30	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
15	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2016	15169 (GOOGLE) (GOOGLE)
55	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	52.27.131.183 52.27.131.183	16509 (AMAZON-02) (AMAZON-02)
213	23

1 2a09:8280:1:9169:525:6faf:8a6f:9ab1 (United States)

ASN40509 (FLY, US)

help-now.safe.org.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:10::ac43:76c (United States)

ASN13335 (CLOUDFLARENET, US)

api.raisely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.raisely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

superb-rudolph.raisely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

raisely-images.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.131.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-131-183.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	stripe.com js.stripe.com — Cisco Umbrella Rank: 972 q.stripe.com — Cisco Umbrella Rank: 6432 r.stripe.com — Cisco Umbrella Rank: 4376 m.stripe.com — Cisco Umbrella Rank: 898	823 KB
39	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2890 play.google.com — Cisco Umbrella Rank: 24	805 KB
33	raisely.com api.raisely.com — Cisco Umbrella Rank: 721679 cdn.raisely.com — Cisco Umbrella Rank: 722026 superb-rudolph.raisely.com — Cisco Umbrella Rank: 938229	599 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	415 KB
15	imgix.net raisely-images.imgix.net — Cisco Umbrella Rank: 898857	5 MB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	797 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 jnn-pa.googleapis.com — Cisco Umbrella Rank: 273	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 340	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1039	17 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	40 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	88 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 117	14 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 232	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	297 B
1	safe.org.nz help-now.safe.org.nz	94 KB
213	15

	Domain	Requested by
42	r.stripe.com	js.stripe.com
30	play.google.com	www.gstatic.com
28	js.stripe.com	cdn.raisely.com js.stripe.com
21	api.raisely.com	help-now.safe.org.nz cdn.raisely.com
15	raisely-images.imgix.net	help-now.safe.org.nz
13	q.stripe.com	help-now.safe.org.nz
10	www.gstatic.com	www.youtube.com www.gstatic.com pay.google.com
9	www.youtube.com	cdn.raisely.com www.youtube.com help-now.safe.org.nz
8	pay.google.com	js.stripe.com pay.google.com help-now.safe.org.nz www.gstatic.com
8	cdn.raisely.com	help-now.safe.org.nz
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	superb-rudolph.raisely.com	help-now.safe.org.nz superb-rudolph.raisely.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google-analytics.com	www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	help-now.safe.org.nz connect.facebook.net
1	m.stripe.com	m.stripe.network
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.facebook.com	help-now.safe.org.nz
1	fonts.googleapis.com	api.raisely.com
1	help-now.safe.org.nz
213	25

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
support.raisely.com
www.raisely.com
raisely.com

Subject Issuer	Validity	Valid
help-now.safe.org.nz R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
raisely.com Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-28` - `2022-09-26`	3 months	crt.sh
superb-rudolph.raisely.com R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-01` - `2023-07-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 12 frames:

Primary Page: https://help-now.safe.org.nz/
Frame ID: F2DB7F172E647D3C58FD3C508143466C
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
Frame ID: C113A0B0EEBF2B3BD6FDB2F9A1253785
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
Frame ID: A552DBDA42BB8A48F99706A8D264D63D
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html
Frame ID: 988EDD3358DCA32DB1F99BBFEF91DF71
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html
Frame ID: 073827FF2D80CE0CD4FA82441BB06E64
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
Frame ID: 7FE89B44551D855FC2A449DE94C15DCC
Requests: 27 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html
Frame ID: 4FE8694F209D4EA87F3376940B695EB2
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html
Frame ID: E49F5F8B919EDDE523122572AD331CA6
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 7090D31018443AE60BA933621A130AB4
Requests: 16 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 914A03B3D5D329A112E74D6A3A5106CB
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-34afacfd6ab0f96c9ef6991f605f5d2c.html
Frame ID: 34BA304BCA6935DE62D18FC0E9CD96FF
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DD3F863C3CE49FC39E19D4AB9875D290
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free HensRaisely

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

213
Requests

99 %
HTTPS

82 %
IPv6

15
Domains

25
Subdomains

23
IPs

4
Countries

8849 kB
Transfer

18181 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://facebook.com/sharer/sharer.php?u=https%3A%2F%2Fhelp-now.safe.org.nz%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?url=https%3A%2F%2Fhelp-now.safe.org.nz%2F&text=Free%20Hens%20%3A%20Make%20a%20donation%20today%20to%20support%20Free%20Hens&hashtags=free-hens&via=raisely

Search URL Search Domain Scan URL

URL: https://support.raisely.com/article/467-going-live-the-basics
Title: going live checklist

Search URL Search Domain Scan URL

URL: https://www.raisely.com/
Title: Sponsor Logo 1

Search URL Search Domain Scan URL

URL: https://raisely.com/?utm_source=footer&utm_medium=organic&utm_campaign=sign_up&utm_content=free-hens
Title: Powered byRaisely

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

213 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
help-now.safe.org.nz/ 441 KB
94 KB 544ms
319ms Document
text/html 2a09:8280:1:9169:525:6faf:8a6f:9ab1
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1:9169:525:6faf:8a6f:9ab1 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/2ceba9e7 (2022-09-17) /

Resource Hash

01a3a24ac02bc760a729aea23d3a55eb3fd4a400a0d957d6af4a0fe3b311f00f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.raisely.com save-hens.safe.org.nz help-now.safe.org.nz;
Strict-Transport-Security	max-age=86400;
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=30, s-maxage=60
content-encoding: gzip
content-security-policy: frame-ancestors *.raisely.com save-hens.safe.org.nz help-now.safe.org.nz;
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:22 GMT
fly-request-id: 01GD9TB3N8MWTPSNDT5K87FH54-ams
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: aacc0378-322c-40e4-a31b-d715a9ca26fd
server: Fly/2ceba9e7 (2022-09-17)
strict-transport-security: max-age=86400;
via: 2 fly.io
x-connection-region: ams
x-frame-options: DENY
x-raisely-cache-status: MISS
x-server-region: ord

GET
H2 200 styles.css
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/ 85 KB
12 KB 511ms
476ms Stylesheet
text/css 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/styles.css

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fda0dfc809fcad24cdd2aff053075bb93c3de90317dcd3a14286593d784023a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
strict-transport-security: max-age=15552000; includeSubDomains; preload
request-id: 2a47ffdf-7928-4a8a-a628-30c375f06a15
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Sep 2022 02:48:23 GMT
server: cloudflare
x-cloud-trace-context: e9155dfcfb6481d9e4c587f9f57e1dd0/6780950508530448842;o=1
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: undefined
vary: Accept-Encoding
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf008818739948-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 44ms
12ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f68e9aa18c5211046aa0f6c9f239c4c7bc9f86cb340c379f6193e82c69dc385f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://help-now.safe.org.nz/
Origin: https://help-now.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Eq4OdEr2KkzZHM/FFmtDcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: sXpjw5TGwFJreAdqhqOxCAwkh8xi+xzCPJclJ7+RQz/iQpGRusQM4WloLndh/cYT+k3+3B+jtl54x9caNx0eYQ==
x-fb-trip-id: 720026100
x-fb-content-md5: 0ceff76f03e1620618211c0e041e0ffc
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 02:48:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5109e8955faa02c693533e2e95c73c0f"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 19 Sep 2022 03:05:04 GMT

GET
H2 200 vendor.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 282 KB
89 KB 62ms
30ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/vendor.29c0e.bundle.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0a0cd310cd3e63daa90db8e11dc291a4f9bdd30feb8f57a2e0460294282df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 55642
x-guploader-uploadid: ADPycdtShyV2nIJWRmEso6AqRlr6K_w2Ztqsn_9tai7QTDNposCsErGHQDd5jetDlLdhrsF93q0LlP89nzUjpFgM0BKO3g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:21:01 GMT
last-modified: Fri, 16 Sep 2022 11:06:35 GMT
server: cloudflare
etag: W/"d24ced864f5fb3b40dabb440a9316c51"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=f567Dg==, md5=0kzthk9fs7QNq7RAqTFsUQ==
x-goog-generation: 1663326394995576
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 289166
cf-ray: 74cf00883c646977-FRA
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 polyfill.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 128 KB
42 KB 60ms
29ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/polyfill.29c0e.bundle.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748946db8a26d574fca067204deb081d499be5e0725191015f5ddde35efd7382

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 55642
x-guploader-uploadid: ADPycdtGUWdqI4QhZKQnI5BvXdvFk6dS-c7PoNedQhYNGAuGkkUwyVmb2iDeifyZD1UBmitOfs_yaP7tyabSPvTGPa385A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:21:01 GMT
last-modified: Fri, 16 Sep 2022 11:06:34 GMT
server: cloudflare
etag: W/"ba7ed8c076a5cab512fb7df0ea61d23d"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=DE3UBw==, md5=un7YwHalyrUS+33w6mHSPQ==
x-goog-generation: 1663326394035395
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 131371
cf-ray: 74cf00883c656977-FRA
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 editor.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 810 KB
211 KB 53ms
22ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/editor.29c0e.bundle.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edf477b34eeaf13d8bb762880aad797ae514af6836d1658a9b43bc26c90a703

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 55642
x-guploader-uploadid: ADPycduheXUxb51Bbhyvz31yLlh1cSFT2JFy_5sOtsdOTX_4mQOR2w39rzRpjsXhL3ScMZ8gnYudPgeHXvfIm-RnjyRH
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:21:01 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"6599e3737e150bcbc54bf8d3d9427c2d"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=hUUbWw==, md5=ZZnjc34VC8vFS/jT2UJ8LQ==
x-goog-generation: 1663326393938461
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 829416
cf-ray: 74cf00883c676977-FRA
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 common+api.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 144 KB
35 KB 55ms
24ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/common+api.29c0e.bundle.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09306d45a56d4b23ad24b5d37b4ed3bc53ce234e958289215b850b872e30d705

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 55642
x-guploader-uploadid: ADPycdsUns00dOgLTLnXwQQdL-zY2wFFQO_GAeQ8U_Pact2y-NrELLszBS90LiF46jZlo3xtpb3l2Z5zib2pKx4h7hLXsQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:21:01 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"ea92bc3dc45d5b464e8a3ab6a6c474b7"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=PmWFVw==, md5=6pK8PcRdW0ZOijq2psR0tw==
x-goog-generation: 1663326393795263
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 147667
cf-ray: 74cf00883c686977-FRA
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 sentry.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 71 KB
20 KB 52ms
21ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/sentry.29c0e.bundle.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95df2aad4647b6fb6d81c46c1c427edbfc504b9c585da7048ef26b2f70d8fffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 55642
x-guploader-uploadid: ADPycdti8EGXT5lz3aBhr86JmuqozCvh2Q14BtEA0Qj4Qz-drI2UkcIvXBRx9NMIDTx2sVOERlBhNkwbcz5lhe1IREj1Ag
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:21:01 GMT
last-modified: Fri, 16 Sep 2022 11:06:34 GMT
server: cloudflare
etag: W/"c40114ca7b2290ee0c4838b2a6f78d5c"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=g3J3Sw==, md5=xAEUynsikO4MSDiypveNXA==
x-goog-generation: 1663326394881436
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 72375
cf-ray: 74cf00883c696977-FRA
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 inputs.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 54 KB
13 KB 51ms
20ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/inputs.29c0e.bundle.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99bdabb19d46120c330ec9c62e232dd6f246c3aa0d221e2cbe6d394f9f54e583

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 55642
x-guploader-uploadid: ADPycdtQhFdL34iPlX-HOGHDTPThh1bIB7PoKGYOnNx0iuXxHKVmh4ZnPrliUza8lDAeuWdPHBuICympznHaAB9JU-S4jA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:21:01 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"8159122a8c79e946a51c2d553b124c91"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=x8QT8Q==, md5=gVkSKox56UalHC1VOxJMkQ==
x-goog-generation: 1663326393780515
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 55104
cf-ray: 74cf00883c6b6977-FRA
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 core-styles.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 186 B
336 B 60ms
29ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/core-styles.29c0e.bundle.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e038b9d08aa52236f78b1af732b7f4a87b932dfe25262927ebffc05b60b3bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 55642
x-guploader-uploadid: ADPycdvFJ5LNYFnY3DugWHL57NxID4QMAeHAvLimWyxqlvohRgUuQmTSDNTp_X5auDr1eZbs5PQXoDpZP473Oxuudw3TVw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:21:01 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"9ee89d974b8f6de385968f24dd6947e7"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=WxMt1w==, md5=nuidl0uPbeOFlo8k3WlH5w==
x-goog-generation: 1663326393787435
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 186
cf-ray: 74cf00883c6e6977-FRA
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 app.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 520 KB
153 KB 60ms
30ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/app.29c0e.bundle.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d598c29412ef0cd35fe19215a8cea3c0ac0eb25b4102e4e4d36f8903434578c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 55642
x-guploader-uploadid: ADPycdvA-iENfqzQBDu2iCaw8o1cFRYeUphsbNvU0wA-BGJLsUK4kvyTTteysd1Ntnhrfb7QO3ISuvvm4MvLvnEjA_awHQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:21:01 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"ec34914753bbbf93ddc6a624a4dcd024"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=hQv5Gg==, md5=7DSRR1O7v5PdxqYkpNzQJA==
x-goog-generation: 1663326393827467
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 532724
cf-ray: 74cf00883c6d6977-FRA
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 components.js Show response
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/ 90 B
879 B 247ms
235ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/components.js

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b0186a5bb9858f730ed0311c9d5bc7826cf8ce3d49ce97010b335888963917

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
strict-transport-security: max-age=15552000; includeSubDomains; preload
request-id: 72d9735f-256e-4edb-a136-982f7df9b9ee
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Sep 2022 02:48:23 GMT
server: cloudflare
x-cloud-trace-context: 29b38c4bcc2acaa8eff114c1b2f68c32/6842192370454434925;o=1
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: undefined
vary: Accept-Encoding
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf008818749948-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 script.js Show response
superb-rudolph.raisely.com/ 6 KB
2 KB 99ms
13ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://superb-rudolph.raisely.com/script.js
Requested by: Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: de37a8ced3c2cbbb8703819bf19497c39572df574bef15407936bd3f60cc24f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: 77NEDXY9S90RF6C0
cdn-cachedat: 09/14/2022 23:18:36
cdn-pullzone: 766044
x-amz-id-2: YOIbiHMeDkmQXFBaaROBKU0jwtGA/acUdgll+juMjUS0KMteS9V0k6A35mNby2N+qHwKsx+8uH4=
server: BunnyCDN-AT-731
last-modified: Mon, 12 Sep 2022 15:07:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"86eac6eb96c742531f1530d284adc882"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: ccc53d58920ef94a6245ccdab222405f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 44ms
20ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material%20Icons|Open+Sans:400,700,400i,700i|Roboto+Flex:400,700,400i,700i|Roboto:400,700,400i,700i,bold,boldi,bold,boldi,bold,boldi,bold,boldi

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e758e3805d1be2c556ce79dfe9a7e78d372665240b6924bbcead5c255d317b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.raisely.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 02:48:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 02:48:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 02:48:23 GMT

OPTIONS
H3 200 locate
api.raisely.com/v3/utils/ Frame 0
0 155ms
140ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/utils/locate?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://help-now.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://help-now.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cf008c8f339b88-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 02:48:23 GMT
request-id: c629f415-7263-4212-9073-8b19b311fd1d
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 9ec9fa94e63cae08494928fb564078d2/9154891189689147669
x-content-type-options: nosniff

GET
H2 200 / Show response
js.stripe.com/v3/ 341 KB
83 KB 108ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/common+api.29c0e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

09e4386277bdc6728533219d4ee6375c5eac0c4d8c6ed062737b0a1d092ff1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 33
x-cache: HIT
content-length: 84329
etag: "7f77d5a743432cbf85aab9578a92bdfa"
x-request-id: d4577097-85a7-4b55-a7de-d79b9377c3ed
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 18:11:46 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:23 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H3 200 locate Show response
api.raisely.com/v3/utils/ 29 B
693 B 150ms
148ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/utils/locate?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416c8ffa1a59d4cae68371a6582210d44fd0aa1539299bc807f345e08dbc0cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://help-now.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 5969a3d8-4515-4a85-adb0-ad1604256595
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: e1ed8570e19dd513a023cf8d829e5611/3141168085204439344
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf008d6fd29b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 Eo4Ym46mcxw Show response
www.youtube.com/embed/ Frame C113 65 KB
27 KB 87ms
63ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/vendor.29c0e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c592689c9785a40ef454900cfad61dbc1d4589db59cf19becc2fe5f4f057041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://help-now.safe.org.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 19 Sep 2022 02:48:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 donations
api.raisely.com/v3/ Frame 0
0 139ms
138ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/donations?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f&displayTotalGT=0&limit=10&offset=0&order=desc&sort=date

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://help-now.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://help-now.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cf008e286c9b88-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
request-id: 71b0779a-e690-4c97-8499-b4a31657c94c
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 11cd5dfebfa4e217e08b552b8ee05d52/4578760587640374461
x-content-type-options: nosniff

OPTIONS
H3 200 donations
api.raisely.com/v3/ Frame 0
0 153ms
153ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/donations?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f&displayTotalGT=0&limit=5&offset=0&order=desc&sort=date

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://help-now.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://help-now.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cf008e286e9b88-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
request-id: a73b4839-1ccf-48a4-8eb9-7252091e44ee
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: b4304b387f7b77adff7da7d8e6ef2167/3920664700970352709
x-content-type-options: nosniff

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/ Frame 0
0 149ms
149ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/select?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://help-now.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://help-now.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cf008e387f9b88-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
request-id: 728b969d-b181-4386-ac5f-5d285fe04426
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 84026b313cd57c3aa4b52d67d2342eef/7237873020913362404
x-content-type-options: nosniff

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/ Frame 0
0 143ms
143ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/select?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://help-now.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://help-now.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cf008e38819b88-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
request-id: 1debea0b-9303-412e-8196-3139f724b18e
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 43867b5dda404a12477e98b35f55746c/4160922535913598564
x-content-type-options: nosniff

GET
H2 200 doris-jpg-c2745c.jpg
raisely-images.imgix.net/free-hens/uploads/ 107 KB
107 KB 83ms
14ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/free-hens/uploads/doris-jpg-c2745c.jpg?fit=max&w=2000&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cc0e0dc8b4c0fa856382e562030f5ca48bd27279e85e3404d4e252d4a06fb0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
x-content-type-options: nosniff
age: 450986
x-cache: HIT, HIT
x-imgix-id: bfef2fb1f35bf39dc9f9b2acf69737742554cd97
content-length: 109596
x-imgix-render-farm: 01.560
last-modified: Tue, 13 Sep 2022 21:31:57 GMT
server: imgix
x-served-by: cache-sjc10065-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 crystal-mirallegro-c-6-gmja-u-wm-bu-unsplash-jpg-c5ff64.jpg
raisely-images.imgix.net/special-virtual-appeal/uploads/ 186 KB
187 KB 233ms
166ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/crystal-mirallegro-c-6-gmja-u-wm-bu-unsplash-jpg-c5ff64.jpg?fit=max&w=1024&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

25cd4fc6fb164959da3126b86fca8c41be1b35dbc7d7952d9be27d5724c762f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
age: 565656
x-cache: HIT, MISS
x-imgix-id: 70f2f8e51fb60530ad41fe0ac2f5cc6c3df76e2f
content-length: 190731
x-imgix-render-farm: 01.560
last-modified: Mon, 12 Sep 2022 13:40:48 GMT
server: imgix
x-served-by: cache-sjc10081-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 gilles-rolland-monnet-r-6-l-abm-6-w-4-y-unsplash-jpg-051d88.jpg
raisely-images.imgix.net/special-virtual-appeal/uploads/ 231 KB
231 KB 96ms
29ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/gilles-rolland-monnet-r-6-l-abm-6-w-4-y-unsplash-jpg-051d88.jpg?fit=max&w=1024&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cf4a5827577efb0b940731d56c284dc427963a92861aac865a2f09642ba97f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 13:06:29 GMT
server: imgix
age: 3505315
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 37a12d2470633dde1290922cb8b834e5e6aa307c
accept-ranges: bytes
content-length: 236318
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10064-SJC, cache-fra19157-FRA

GET
H2 200 berend-leupen-azh-g-vs-f-0-f-us-unsplash-jpg-cd054c.jpg
raisely-images.imgix.net/special-virtual-appeal/uploads/ 180 KB
180 KB 314ms
247ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/berend-leupen-azh-g-vs-f-0-f-us-unsplash-jpg-cd054c.jpg?fit=max&w=1024&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1f3a7de78c23d8d8ebacb0d40132765f8fb79aadca6ec46616d184313fb3b14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
age: 2227144
x-cache: HIT, MISS
x-imgix-id: 886f18c245aa6b1c3ed8da971c918d3bfda31ebd
content-length: 184512
x-imgix-render-farm: 01.1
last-modified: Wed, 24 Aug 2022 08:09:19 GMT
server: imgix
x-served-by: cache-sjc10039-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 eyoel-kahssay-fy-cjvy-pg-9-pg-unsplash-jpg-153ca1.jpg
raisely-images.imgix.net/special-virtual-appeal/uploads/ 358 KB
358 KB 242ms
178ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/eyoel-kahssay-fy-cjvy-pg-9-pg-unsplash-jpg-153ca1.jpg?flip=h&fit=max&w=2000&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a30c66be02a91f8ee972bf88539fec6ee0913bfa58cd7775ff6f763290bdfb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
age: 565655
x-cache: HIT, MISS
x-imgix-id: 844e6b6da0539ff61a644671e16fa5e8638c374c
content-length: 366304
x-imgix-render-farm: 01.560
last-modified: Mon, 12 Sep 2022 13:40:49 GMT
server: imgix
x-served-by: cache-sjc10077-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 NaN4epOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGfttPZktqc2VdZ80KvCLZaPcSBZtOx2MifRuWR28sPJtUMbsFEK6cRrleUx9Xgbm3WLHa_F4Ep4Fm0PN19Ik5Dntczx0wZGzhPlL1YNMYKbv9_1IQXOw7AiUJVXpRJ6cXW4O8TNGoXjC79QRyaLshNDUf3...
fonts.gstatic.com/s/robotoflex/v9/ 19 KB
19 KB 49ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoflex/v9/NaN4epOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGfttPZktqc2VdZ80KvCLZaPcSBZtOx2MifRuWR28sPJtUMbsFEK6cRrleUx9Xgbm3WLHa_F4Ep4Fm0PN19Ik5Dntczx0wZGzhPlL1YNMYKbv9_1IQXOw7AiUJVXpRJ6cXW4O8TNGoXjC79QRyaLshNDUf3e0O-gn5rrZCu20YNYG0EACUTNK-QKavMlx2JoUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material%20Icons|Open+Sans:400,700,400i,700i|Roboto+Flex:400,700,400i,700i|Roboto:400,700,400i,700i,bold,boldi,bold,boldi,bold,boldi,bold,boldi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a61bf09678f1263a12352161d92180fd750b9dab7b7490fabf998fb0f463d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://help-now.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:31:58 GMT
x-content-type-options: nosniff
age: 411385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19308
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 19:02:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:31:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 46ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://help-now.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 554611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:44:52 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 54ms
17ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://help-now.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 20:33:24 GMT
x-content-type-options: nosniff
age: 281699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 20:33:24 GMT

GET
H2 200 blue-full-png-dcc38b.png
raisely-images.imgix.net/free-hens/uploads/ 68 KB
68 KB 12ms
9ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/free-hens/uploads/blue-full-png-dcc38b.png?fit=max&w=1000&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b0a29af6abd7b7399baf0fa46d962bb273efa7d70042d7fbbaa64948c6025f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
x-content-type-options: nosniff
age: 12882
x-cache: MISS, HIT
x-imgix-id: c9f58f8886f932d07b00a14fe87c92f77a5695e4
content-length: 69278
x-imgix-render-farm: 01.560
last-modified: Sun, 18 Sep 2022 23:13:41 GMT
server: imgix
x-served-by: cache-sjc10082-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 contract-png-e202e6.png
raisely-images.imgix.net/special-virtual-appeal/uploads/ 5 KB
5 KB 165ms
163ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/contract-png-e202e6.png?fit=max&w=97.5&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c0e425ecade585e9efcdc3dd3e0d5d97baf7e6c19162304bfa6a2fc2aa269184

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
age: 1084458
x-cache: HIT, MISS
x-imgix-id: 676af73be65bd9b8098f66c4f1263df42d7a64df
content-length: 5344
x-imgix-render-farm: 01.560
last-modified: Tue, 06 Sep 2022 13:34:06 GMT
server: imgix
x-served-by: cache-sjc10068-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 theme-png-85e5f6.png
raisely-images.imgix.net/special-virtual-appeal/uploads/ 5 KB
6 KB 13ms
11ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/theme-png-85e5f6.png?fit=max&w=97.5&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

35ffab8edc29e97e14c1b9e624233b8434e0508c6c4d20448c82bcb3d0e11643

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
x-content-type-options: nosniff
age: 1696571
x-cache: HIT, HIT
x-imgix-id: d18c34a9e99e74b4e5e6994b6e77d64f1573b44a
content-length: 5573
x-imgix-render-farm: 01.1
last-modified: Tue, 30 Aug 2022 11:32:12 GMT
server: imgix
x-served-by: cache-sjc10082-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 construction-png-6967bd.png
raisely-images.imgix.net/special-virtual-appeal/uploads/ 5 KB
5 KB 13ms
11ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/construction-png-6967bd.png?fit=max&w=97.5&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0ee9870d18df955810da252e7bdf864657f3a23fd8c22acab9b77ff645078556

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
x-content-type-options: nosniff
age: 1052960
x-cache: HIT, HIT
x-imgix-id: 7b9b8bf023c29d71d37b90efb59a4a84b04e672c
content-length: 5485
x-imgix-render-farm: 01.1072
last-modified: Tue, 06 Sep 2022 22:19:02 GMT
server: imgix
x-served-by: cache-sjc10044-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 satwik-hegde-a-9-pgc-8-cbfo-unsplash-jpg-8b8ba8.jpg
raisely-images.imgix.net/special-virtual-appeal/uploads/ 59 KB
59 KB 14ms
12ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/satwik-hegde-a-9-pgc-8-cbfo-unsplash-jpg-8b8ba8.jpg?w=1000&h=1000&fit=crop&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

edc1224c309f3f6dba409e4b4b16b0c3ced0f71703403c5fbf4f479c6291d926

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 15:36:29 GMT
server: imgix
age: 3496314
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 3de0203ce52b79ce4c2b31a46b28f4f316824af5
accept-ranges: bytes
content-length: 60616
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10064-SJC, cache-fra19157-FRA

GET
H2 200 smile-square-jpg-484235.jpg
raisely-images.imgix.net/new-appeal-template/uploads/ 388 KB
389 KB 213ms
211ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/new-appeal-template/uploads/smile-square-jpg-484235.jpg

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

523078baeace0e78f05b56a76a8cfd56de5734077b2b7fb973b735050635ba21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Jan 2022 06:09:21 GMT
server: imgix
age: 54029
x-cache: MISS, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 2243c94fb1701ae9bef9b0eb02a20a6b508ae0f7
x-imgix-render-farm: 02.552
accept-ranges: bytes
content-length: 397341
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10020-SJC, cache-fra19157-FRA

GET
H2 200 noaa-p-9-p-gr-qj-jkd-8-unsplash-jpg-81b989.jpg
raisely-images.imgix.net/special-virtual-appeal/uploads/ 1 MB
1 MB 529ms
528ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/noaa-p-9-p-gr-qj-jkd-8-unsplash-jpg-81b989.jpg

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cc45db7fe7b252e70201f7084ee4379b8169dd4c17f1a9f11b28a58d22f14f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 03:25:13 GMT
server: imgix
age: 192682
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 052a707750c59b3e112ba626fda99a963d986f34
x-imgix-render-farm: 02.552
accept-ranges: bytes
content-length: 1162355
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10055-SJC, cache-fra19157-FRA

GET
H2 200 joshua-tsu-u-ij-s-jpp-fw-unsplash-jpg-0ffdfe.jpg
raisely-images.imgix.net/special-virtual-appeal/uploads/ 2 MB
2 MB 227ms
226ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/joshua-tsu-u-ij-s-jpp-fw-unsplash-jpg-0ffdfe.jpg

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6f0ebfd4d25bf865533caa0d8fd6bb00aea1c77921e05590efb4b54a95715106

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 03:26:45 GMT
server: imgix
age: 54028
x-cache: MISS, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 56b274649206bc141d40697e4c931916890d4633
x-imgix-render-farm: 02.552
accept-ranges: bytes
content-length: 2355970
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10051-SJC, cache-fra19157-FRA

GET
H2 200 joel-mott-o-9-ogddfvl-u-unsplash-jpg-57218e.jpg
raisely-images.imgix.net/special-virtual-appeal/uploads/ 73 KB
74 KB 165ms
164ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/special-virtual-appeal/uploads/joel-mott-o-9-ogddfvl-u-unsplash-jpg-57218e.jpg?w=600&h=600&fit=crop&auto=format&q=62

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

15890904715929f6944522e202b2cf54d61abeacf89ad293bf42c4da7aac68c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
age: 1690510
x-cache: HIT, MISS
x-imgix-id: ac85b560eaf0f83612e23e57b0cea0801de8dafc
content-length: 75107
x-imgix-render-farm: 01.1
last-modified: Tue, 30 Aug 2022 13:13:13 GMT
server: imgix
x-served-by: cache-sjc10074-SJC, cache-fra19157-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 dummy-sponsor-png-706249.png
raisely-images.imgix.net/new-appeal-template/uploads/ 14 KB
14 KB 164ms
164ms Image
image/png 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/new-appeal-template/uploads/dummy-sponsor-png-706249.png

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9b3a2f3e39ee7f85aeff60fa8a1d863496fac428e939d631a312f0e0bf1873d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 Jan 2022 21:03:29 GMT
server: imgix
age: 192114
x-cache: HIT, MISS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: e04cc14de298867a4e14fcc0b728355f4894e330
x-imgix-render-farm: 02.552
accept-ranges: bytes
content-length: 14031
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10049-SJC, cache-fra19157-FRA

GET
H3 200 donations Show response
api.raisely.com/v3/ 2 KB
2 KB 757ms
756ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/donations?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f&displayTotalGT=0&limit=10&offset=0&order=desc&sort=date

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b426bb3142df225c1f448f4467f285b92d3482e08ca9f4f7099611db45df27eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://help-now.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 6b13f533-efb8-4c7b-b2e9-b0a01efa5a8c
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: b28a4bf5468bddcd62917aac0f07561d/17571466648267974295
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf008f09289b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H3 200 donations Show response
api.raisely.com/v3/ 2 KB
2 KB 489ms
486ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/donations?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f&displayTotalGT=0&limit=5&offset=0&order=desc&sort=date

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d2cd99c6b8da7923dd000ebcaa342505f6a6d1a9efe914b24dc18b8d16816dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://help-now.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 9dde0ba3-4ea0-4193-a290-33d756b3263c
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: def9bb210af51f41005865b480f8e0a1/11244958386015052011;o=1
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf008f39419b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/ 187 B
846 B 161ms
159ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/select?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://help-now.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 6540510f-2d71-47f0-b76e-c3f64ce8679a
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: 74701c212032abe5efea5c42435e7863/3347033388932863656
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 74cf008f39439b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/ 187 B
847 B 157ms
156ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/select?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://help-now.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 7ecde6b8-db8c-42f4-a4ab-cdf3a3930696
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: 8b05f931b94b7604b62cac656be6973e/15621468837048385772
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 74cf008f39409b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 313 KB
85 KB 29ms
13ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=f1213003551dfc47e4c890bdbf94d112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7075dcdf007b578f3a377651395201c80dc1b81b2dc9093e4dde64b036821806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://help-now.safe.org.nz/
Origin: https://help-now.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jNVsh2L85h9ZEHHAOZCdgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87234
x-fb-rlafr: 0
x-fb-debug: 3dJ7zF1yfh/TihZjOJbUEDLWMeigvLCbl8pP/RaON3CRdfhqYKeNtjRkhIa50OA28JEt8LVs7q7dru4e5ewHdw==
x-fb-content-md5: 395ef376ad2a986d9e6f90e080eda1c7
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "880dab5fc38f2e0381458f6aa0484bb0"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Sep 2023 01:35:37 GMT

GET
BLOB 200
OK 21d307c9-672a-4e13-8ad4-443d0c26e0fd
https://help-now.safe.org.nz/ 9 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://help-now.safe.org.nz/21d307c9-672a-4e13-8ad4-443d0c26e0fd
Requested by: Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c50ea820fcf5b6a29e3b03d92abb22ca9322d98814d4b6ae36475acb2d5ce4ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 9021
Content-Type: text/javascript

GET
H3 200 www-player.css
www.youtube.com/s/player/a97e97de/ Frame C113 355 KB
48 KB 27ms
8ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a97e97de/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ecc94d599b99d64bc98482b647a573fde50858c7a6116bd85010cd678c22ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 03:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49363
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Sep 2023 03:06:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/a97e97de/www-embed-player.vflset/ Frame C113 309 KB
96 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0e8ef0b8b33b0a1939a1f18ac8242ce9dff985f774a4b216324e9ba7248cd87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 03:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97939
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Sep 2023 03:05:58 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/ Frame C113 2 MB
577 KB 41ms
23ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6fc00dfb8e0e17becd6731594814432407728ec1d35e85d6dce3b8906c563dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 03:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 590880
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Sep 2023 03:06:45 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/a97e97de/fetch-polyfill.vflset/ Frame C113 9 KB
3 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a97e97de/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 03:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Sep 2023 03:05:58 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C113 15 KB
15 KB 89ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 466903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 13 Sep 2023 17:06:41 GMT

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/ Frame 0
0 211ms
211ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/select?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://help-now.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://help-now.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cf008f69609b88-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
request-id: 55ea6859-e4b9-410d-bcf6-ce49c6ae7f21
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: aa808263b4fbbc841e37de8b2a0a5bfb/16617603219157883999
x-content-type-options: nosniff

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/ Frame 0
0 144ms
144ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/select?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://help-now.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://help-now.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cf008f79619b88-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
request-id: 8f9647a4-c472-4cb3-bd57-bd9eee33d012
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 55da2a9ea036c552a30086d24e054988/8802560323598824707
x-content-type-options: nosniff

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/ 187 B
847 B 242ms
241ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/select?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://help-now.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: edb5b044-28ac-47d2-86e8-1e7b531b55e7
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: 3ead06f28c75536229c6b2614f9bfce0/10277606436285161867
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 74cf0090ca649b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/ 187 B
849 B 157ms
157ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/providers/select?campaign=083e9c20-298a-11ed-9f39-1d7144ef8c0f

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://help-now.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 0a3ecd95-bdb4-43dc-9afd-79c39b6beb07
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: 3c80f87f0bf10b05e57f2d4663e3c6fc/437043725462838324;o=1
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 74cf00905a0f9b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H3 200 pages Show response
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/ 96 KB
12 KB 994ms
993ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/pages?client=1&limit=999

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cecf1ef5fb5bf9d570548b3cae9efa8cccae10bf92f51cd1a62102b5b5928d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://help-now.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: da67bcbf-2ac0-423b-8937-4d2331134916
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: fbae28821cdcf7677e94d06a0793e777/17737343366719844380;o=1
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf0090ea789b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

OPTIONS
H3 200 pages
api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/ Frame 0
0 207ms
207ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/083e9c20-298a-11ed-9f39-1d7144ef8c0f/pages?client=1&limit=999

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://help-now.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://help-now.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cf008f997e9b88-FRA
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
request-id: 4e1fe2a1-c141-4941-972f-9f3b6e1e12ba
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 8d055825121a5e9074fa88b327c8ce52/6634448050778708552
x-content-type-options: nosniff

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 45ms
13ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=503953866403695&ev=fb_page_view&dl=https%3A%2F%2Fhelp-now.safe.org.nz%2F&rl=&if=false&ts=1663555704295&sw=1600&sh=1200&at=

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 19 Sep 2022 02:48:24 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C113
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

55ms
17ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b41f8b5f38e4610eacfc0973cf7a65e774b13f9216658aa0d3f8d19a45069fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C113 29 B
587 B 36ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:34:42 GMT
x-content-type-options: nosniff
age: 822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 19 Sep 2022 02:49:42 GMT

GET
H3 204 t
api.raisely.com/v3/ 0
0 140ms
140ms Fetch
text/html 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/t?p=eyJjIjoiMDgzZTljMjAtMjk4YS0xMWVkLTlmMzktMWQ3MTQ0ZWY4YzBmIiwicyI6Ijh2cXljOGExZ2kydHZidGxnczc4c2EiLCJlIjoicGFnZS52aWV3ZWQiLCJ0Ijp7fSwiciI6IiJ9

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 1e1c9ad8-6ab0-4cc4-bb68-410e943314a8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: 3cbe61985db4456f0007c72efcf8b184/11884155044826414504
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf0090aa4d9b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H2 200 /
superb-rudolph.raisely.com/ 43 B
411 B 34ms
33ms Ping
image/gif 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://superb-rudolph.raisely.com/?v=eyI3MDQzNjg0NCI6NzA0MzY4NDQsImdjb2RlIjoiVE1PWVVJRkYiLCJxcyI6e30sInAiOiIvIiwiaCI6Imh0dHBzOi8vaGVscC1ub3cuc2FmZS5vcmcubnoiLCJyIjoiIiwic2lkIjoiR1RJUlJXRkYiLCJjaWQiOjcwNDM2ODQ0fQ%3D%3D
Requested by: Host: superb-rudolph.raisely.com
URL: https://superb-rudolph.raisely.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
cdn-edgestorageid: 731
cdn-cachedat: 09/19/2022 02:48:24
cdn-pullzone: 766044
content-length: 43
server: BunnyCDN-AT-731
pragma: no-cache
cdn-proxyver: 1.02
cdn-requestpullcode: 200
tk: N
content-type: text/plain; charset=utf-8, image/gif
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: b6db72052eb9c591009cd853fe092247
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 204 t
api.raisely.com/v3/ 0
0 138ms
137ms Fetch
text/html 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/t?p=eyJjIjoiMDgzZTljMjAtMjk4YS0xMWVkLTlmMzktMWQ3MTQ0ZWY4YzBmIiwicyI6Ijh2cXljOGExZ2kydHZidGxnczc4c2EiLCJlIjoiZG9uYXRpb24uZm9ybUxvYWRlZCIsInQiOnt9LCJyIjoiIn0=

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: f35fc89c-f303-4d2a-88cf-49ce8fec4dbd
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: ec5eae1ecea9ded325cd45eac09bf969/1199248847058015335;o=1
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf0090aa4e9b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H2 200 /
superb-rudolph.raisely.com/ 43 B
411 B 234ms
233ms Ping
image/gif 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://superb-rudolph.raisely.com/?v=eyIzNzM4NjQ5OSI6MzczODY0OTksImdjb2RlIjoiVE1PWVVJRkYiLCJxcyI6e30sInAiOiIvIiwiaCI6Imh0dHBzOi8vaGVscC1ub3cuc2FmZS5vcmcubnoiLCJyIjoiIiwic2lkIjoiR1RJUlJXRkYiLCJjaWQiOjM3Mzg2NDk5fQ%3D%3D
Requested by: Host: superb-rudolph.raisely.com
URL: https://superb-rudolph.raisely.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
cdn-edgestorageid: 731
cdn-cachedat: 09/19/2022 02:48:24
cdn-pullzone: 766044
content-length: 43
server: BunnyCDN-AT-731
pragma: no-cache
cdn-proxyver: 1.02
cdn-requestpullcode: 200
tk: N
content-type: text/plain; charset=utf-8, image/gif
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: e5ffdae6c091a2bbd9d53dd6bab411be
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 204 t
api.raisely.com/v3/ 0
0 142ms
142ms Fetch
text/html 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/t?p=eyJjIjoiMDgzZTljMjAtMjk4YS0xMWVkLTlmMzktMWQ3MTQ0ZWY4YzBmIiwicyI6Ijh2cXljOGExZ2kydHZidGxnczc4c2EiLCJlIjoiZG9uYXRpb24uZm9ybUxvYWRlZCIsInQiOnt9LCJyIjoiIn0=

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: dd51ecbd-5941-40f2-8c5d-95c66acb02c1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: https://help-now.safe.org.nz
x-cloud-trace-context: 68307ba391f1b173f57f2edb778579ba/3235982259772003186
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cf0090aa4f9b88-FRA
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 /
superb-rudolph.raisely.com/ 43 B
426 B 432ms
431ms Image
image/gif 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://superb-rudolph.raisely.com/?v=eyIyNDcyNzI2MCI6MjQ3MjcyNjAsImgiOiJodHRwczovL2hlbHAtbm93LnNhZmUub3JnLm56IiwicCI6Ii8iLCJyIjoiIiwic2lkIjoiR1RJUlJXRkYiLCJxcyI6e30sImNpZCI6MjQ3MjcyNjB9
Requested by: Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
cdn-edgestorageid: 731
cdn-cachedat: 09/19/2022 02:48:24
cdn-pullzone: 766044
content-length: 43
server: BunnyCDN-AT-731
pragma: no-cache
cdn-proxyver: 1.02
cdn-requestpullcode: 200
tk: N
content-type: text/plain; charset=utf-8, image/gif
cdn-cache: MISS
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: 9e9df0d2a89c067d3844db4638747dad
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 controller-6c721f944c2e48601d79113f9d7854aa.html Show response
js.stripe.com/v3/ Frame A552 297 B
629 B 9ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4282224a008d775bc000abe53fabf696198e22e65aadf0063fac3aad50e90d22

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help-now.safe.org.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 49
cache-control: max-age=60
content-encoding: br
content-length: 144
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
etag: "6c721f944c2e48601d79113f9d7854aa"
last-modified: Fri, 16 Sep 2022 17:52:49 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: 378d2d42-5a20-4113-bdff-d72e4156527b
x-served-by: cache-hhn4042-HHN

GET
H2 200 payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html Show response
js.stripe.com/v3/ Frame 988E 380 B
884 B 9ms
9ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

313a6a4dff0b7cd4800ddcb07017fb1bf186020d98b8c724e1c75fd306ca148c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help-now.safe.org.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 25
cache-control: max-age=60
content-encoding: br
content-length: 173
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; font-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
etag: "7ed76bc3ef324c168bfe3e2a1008f7af"
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 56e3f39b-579e-47ca-bc2f-565ade7f58ad
x-served-by: cache-hhn4042-HHN

GET
H2 200 payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html Show response
js.stripe.com/v3/ Frame 0738 316 B
1 KB 9ms
8ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9480cb4a593a4bd917aebc87926f15279f159c13f73559594ad63b2a2ef3cb0e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help-now.safe.org.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 59
cache-control: max-age=60
content-encoding: br
content-length: 149
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
etag: "7b1c34f1eb8240a851a7663ba023ff47"
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 7d8c7c3a-73be-4ede-b0ea-a663ec8a13d8
x-served-by: cache-hhn4042-HHN

GET
H2 200 controller-6c721f944c2e48601d79113f9d7854aa.html Show response
js.stripe.com/v3/ Frame 7FE8 297 B
249 B 12ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4282224a008d775bc000abe53fabf696198e22e65aadf0063fac3aad50e90d22

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help-now.safe.org.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 49
cache-control: max-age=60
content-encoding: br
content-length: 144
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
etag: "6c721f944c2e48601d79113f9d7854aa"
last-modified: Fri, 16 Sep 2022 17:52:49 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 3f19e866-1ff0-4189-afed-70d0f382b9ea
x-served-by: cache-hhn4042-HHN

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 53ms
25ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 19 Sep 2022 02:48:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C113 66 KB
30 KB 47ms
24ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1d9d6947809156a399432448f7d38af1a9f7c9384a1a0a4790b96de6752f014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30665
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/ Frame C113 120 KB
37 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f06a2dca8699c524f629e74dab5f4d02e33d74f7262f02317aa7d1a26ff5617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 03:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37832
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Sep 2023 03:09:02 GMT

GET
H2 200 8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js Show response
www.google.com/js/th/ Frame C113 36 KB
14 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2312e351be5944b4598bce2a1975b1e1450ff671341685de8b88e191ad37a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:30:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14184
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 07:30:51 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/ Frame C113 28 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37744dd6ea73d64cf2caa1fab78b449e84d77693a68c0baf9b724b1fbb6722a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 03:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8428
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 16 Sep 2023 03:11:10 GMT

GET
DATA 200
OK truncated
/ Frame C113 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu8i9WhKoaSpRz5vVxLeQ6tt-r1Ux5YqHB02wSrs=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C113 3 KB
3 KB 52ms
23ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8i9WhKoaSpRz5vVxLeQ6tt-r1Ux5YqHB02wSrs=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00edbb5cba4de3e007abc081e2350977929dc9835e163b27171f26f7d82fbf79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3133
x-xss-protection: 0
server: fife
etag: "v5f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 19 Sep 2022 19:38:50 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/Eo4Ym46mcxw/ Frame C113 14 KB
14 KB 130ms
59ms Image
image/webp 2a00:1450:4001:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Eo4Ym46mcxw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effc224cadf5e8c8e3d27c82708ace3f77a0cc48ab237b4e9de5fd6a06616828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
x-content-type-options: nosniff
server: sffe
etag: "1662604240"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13840
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Sep 2022 04:48:24 GMT

GET
H2 200 payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html Show response
js.stripe.com/v3/ Frame 4FE8 380 B
250 B 8ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

313a6a4dff0b7cd4800ddcb07017fb1bf186020d98b8c724e1c75fd306ca148c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help-now.safe.org.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 25
cache-control: max-age=60
content-encoding: br
content-length: 173
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; font-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
etag: "7ed76bc3ef324c168bfe3e2a1008f7af"
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 46642070-47b9-43b1-8a8d-b4ab0c4d7dea
x-served-by: cache-hhn4042-HHN

GET
H2 200 payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html Show response
js.stripe.com/v3/ Frame E49F 316 B
265 B 12ms
10ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9480cb4a593a4bd917aebc87926f15279f159c13f73559594ad63b2a2ef3cb0e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help-now.safe.org.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 59
cache-control: max-age=60
content-encoding: br
content-length: 149
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:24 GMT
etag: "7b1c34f1eb8240a851a7663ba023ff47"
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 9acecd2e-b35b-4322-803f-1ffcf2a8f031
x-served-by: cache-hhn4042-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame A552 0
570 B 725ms
351ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 988E 0
570 B 726ms
352ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 988E 0
570 B 726ms
354ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0738 0
570 B 726ms
354ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0738 0
570 B 726ms
354ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7FE8 0
570 B 724ms
353ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-34e5a0ac7505c6d671767379211ed2bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A552 309 KB
71 KB 10ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cf9256e5762f3ba4f224a0db1d07bbc976fa5b39729019e2bd8c69c446e0372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 72566
etag: "131d0cff07a83262f08e54b2424bb5cb"
x-request-id: 6d285c2f-7f38-4461-b57e-c41feb8abf4f
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 controller-fa54d311f83b093f6315a8404fe9f1de.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A552 361 KB
91 KB 13ms
11ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-fa54d311f83b093f6315a8404fe9f1de.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

434d631dfd537819c6866ca832c244ee3936108127beae3f111f777410ff849d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 32
x-cache: HIT
content-length: 92771
etag: "7455e780d42639465db2763ef853be0b"
x-request-id: dae00fcc-64d5-4599-b0f6-48503ccac94c
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:56 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 988E 101 KB
32 KB 147ms
74ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71a4954bfc82b7512ffe6f4c8a53e763a37157f399c94b13b2fe4bd423b5e86e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iLg9_GJtZ4SvuNxusz0N2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-iLg9_GJtZ4SvuNxusz0N2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Mon, 19 Sep 2022 02:48:24 GMT

GET
H2 200 shared-34e5a0ac7505c6d671767379211ed2bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 988E 309 KB
71 KB 11ms
10ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cf9256e5762f3ba4f224a0db1d07bbc976fa5b39729019e2bd8c69c446e0372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 72566
etag: "131d0cff07a83262f08e54b2424bb5cb"
x-request-id: aed57190-b2e3-490f-b241-1cdedc414b7e
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 payment-request-inner-google-pay-8e0815e7906b75cd664a980acbc2e617.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 988E 14 KB
5 KB 19ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-8e0815e7906b75cd664a980acbc2e617.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 58
x-cache: HIT
content-length: 4766
etag: "78f5d77dc033cc5f76ec923bd3dcd824"
x-request-id: c61061ab-cdd9-4079-8e36-dd9875f11d72
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:57 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 shared-34e5a0ac7505c6d671767379211ed2bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0738 309 KB
71 KB 19ms
18ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cf9256e5762f3ba4f224a0db1d07bbc976fa5b39729019e2bd8c69c446e0372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 72566
etag: "131d0cff07a83262f08e54b2424bb5cb"
x-request-id: 9ed66ca3-037b-4586-8c3e-97154657a6ce
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 payment-request-inner-browser-845ba94dda4b1d1f45fdb8b8b04b5014.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0738 12 KB
5 KB 18ms
17ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-845ba94dda4b1d1f45fdb8b8b04b5014.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 58
x-cache: HIT
content-length: 4424
etag: "13563263f55505d5822aae879d83b8c6"
x-request-id: 7a261612-9425-4d71-b9e1-e61d19df8505
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:57 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

POST
H2 200 csp-report
q.stripe.com/ Frame 4FE8 0
570 B 655ms
351ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4FE8 0
570 B 655ms
352ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E49F 0
570 B 615ms
353ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E49F 0
571 B 613ms
350ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-34e5a0ac7505c6d671767379211ed2bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7FE8 309 KB
71 KB 8ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cf9256e5762f3ba4f224a0db1d07bbc976fa5b39729019e2bd8c69c446e0372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 72566
etag: "131d0cff07a83262f08e54b2424bb5cb"
x-request-id: bf1d92c3-5258-4381-845e-9130580a63e6
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 controller-fa54d311f83b093f6315a8404fe9f1de.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7FE8 361 KB
91 KB 11ms
10ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-fa54d311f83b093f6315a8404fe9f1de.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

434d631dfd537819c6866ca832c244ee3936108127beae3f111f777410ff849d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 32
x-cache: HIT
content-length: 92771
etag: "7455e780d42639465db2763ef853be0b"
x-request-id: bc8ac4b2-c9e2-4b3c-a74a-aeacbf1f03c7
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:56 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 4FE8 101 KB
33 KB 83ms
70ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71a4954bfc82b7512ffe6f4c8a53e763a37157f399c94b13b2fe4bd423b5e86e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-AXDIdAPYIIBwP5EUukKHKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-AXDIdAPYIIBwP5EUukKHKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
expires: Mon, 19 Sep 2022 02:48:24 GMT

GET
H2 200 shared-34e5a0ac7505c6d671767379211ed2bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4FE8 309 KB
71 KB 20ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cf9256e5762f3ba4f224a0db1d07bbc976fa5b39729019e2bd8c69c446e0372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 72566
etag: "131d0cff07a83262f08e54b2424bb5cb"
x-request-id: 2f411e78-49bf-477b-bfdc-cb5e7a0af805
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
H2 200 payment-request-inner-google-pay-8e0815e7906b75cd664a980acbc2e617.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4FE8 14 KB
5 KB 24ms
12ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-8e0815e7906b75cd664a980acbc2e617.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7ed76bc3ef324c168bfe3e2a1008f7af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 58
x-cache: HIT
content-length: 4766
etag: "78f5d77dc033cc5f76ec923bd3dcd824"
x-request-id: 7a6114db-b22b-4a29-86d1-84b0f5859735
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:57 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 shared-34e5a0ac7505c6d671767379211ed2bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E49F 309 KB
71 KB 17ms
12ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cf9256e5762f3ba4f224a0db1d07bbc976fa5b39729019e2bd8c69c446e0372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: HIT
content-length: 72566
etag: "131d0cff07a83262f08e54b2424bb5cb"
x-request-id: 0640bf6c-47be-4f07-9c76-ed6b40690f11
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 payment-request-inner-browser-845ba94dda4b1d1f45fdb8b8b04b5014.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E49F 12 KB
5 KB 15ms
10ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-845ba94dda4b1d1f45fdb8b8b04b5014.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-7b1c34f1eb8240a851a7663ba023ff47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: HIT
content-length: 4424
etag: "13563263f55505d5822aae879d83b8c6"
x-request-id: fb89f853-8568-4a33-a0e5-4090b33a6c7a
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:57 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://help-now.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 220855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Sep 2023 13:27:29 GMT

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A552 231 KB
47 KB 8ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-fa54d311f83b093f6315a8404fe9f1de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 39
x-cache: HIT
content-length: 47921
etag: "ab675b71d19378124fcdf3c0f6dad353"
x-request-id: ad9c7745-b8ff-4deb-b3b7-12d4ad9fa3cc
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:54 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A552 2 KB
906 B 11ms
11ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-fa54d311f83b093f6315a8404fe9f1de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 48
x-cache: HIT
content-length: 770
etag: "f1717e2e478c68d16ccd7b37768700be"
x-request-id: 9543c236-ee0d-445b-ad1b-7a61463a008f
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 20:31:43 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A552 474 B
606 B 25ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9038eec8585818c01dcdd60af92c6eee614a23f067f8d1569101510f3d0a526a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
content-encoding: br
vary: Accept-Encoding
age: 46
x-cache: HIT
content-length: 297
x-request-id: 00778ee8-b07d-495a-be2e-cf0c2d9ea29c
x-served-by: cache-hhn4063-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 18:11:48 GMT
server: Fastly
etag: "33d478e40bbf8c3963843f26cf60f149"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H3 204 generate_204
www.youtube.com/ Frame C113 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?gKsMtg
Requested by: Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C113 4 KB
3 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 02:48:24 GMT

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7FE8 231 KB
47 KB 8ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-fa54d311f83b093f6315a8404fe9f1de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 47921
etag: "ab675b71d19378124fcdf3c0f6dad353"
x-request-id: dfd42717-4df7-48d1-a689-82c7d235fce1
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:54 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7FE8 2 KB
865 B 9ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-fa54d311f83b093f6315a8404fe9f1de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 48
x-cache: HIT
content-length: 770
etag: "f1717e2e478c68d16ccd7b37768700be"
x-request-id: 72891030-e701-4d56-86eb-b5c5bc9350d0
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 20:31:43 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7FE8 474 B
371 B 8ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9038eec8585818c01dcdd60af92c6eee614a23f067f8d1569101510f3d0a526a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-6c721f944c2e48601d79113f9d7854aa.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Sep 2022 02:48:24 GMT
content-encoding: br
vary: Accept-Encoding
age: 46
x-cache: HIT
content-length: 297
x-request-id: f4842073-543d-400f-b5cd-52a2a527a78e
x-served-by: cache-hhn4063-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 18:11:48 GMT
server: Fastly
etag: "33d478e40bbf8c3963843f26cf60f149"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 7090 18 KB
7 KB 114ms
71ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2050362889acbc224a08ba5b80f58289ca3b3b4ba0abc4684c17b0ae708cdd51

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-x0Qe2v_GS4ATQk2EOUIJzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-x0Qe2v_GS4ATQk2EOUIJzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 914A 18 KB
7 KB 116ms
74ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d851be3abf4964c67dad211d161ebee06fe59e358c7b4605a56e0e763e2be22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cNtTOJg9tkOoJlmEqwQcPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cNtTOJg9tkOoJlmEqwQcPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/105/ Frame C113 52 KB
15 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/105/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 15:05:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 19 Sep 2022 07:13:20 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C113 90 B
134 B 18ms
18ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c51a67387b8252e3e55cf297927924f3322120503fdd430c25105b0e7f082dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 19 Sep 2022 02:48:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 368ms
332ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 370ms
334ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 368ms
333ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 374ms
339ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 369ms
335ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 371ms
337ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 374ms
340ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 374ms
340ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 371ms
338ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 372ms
340ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 369ms
337ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 383ms
351ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 365ms
334ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 363ms
332ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 527ms
502ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 356ms
330ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 355ms
330ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 360ms
336ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 355ms
331ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 356ms
331ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 362ms
338ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 364ms
341ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 362ms
339ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 378ms
355ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 377ms
354ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 377ms
355ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 358ms
336ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 355ms
333ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 354ms
335ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 353ms
336ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7090 2 KB
2 KB 20ms
20ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri... Frame 7090 153 KB
54 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd18c4dbec8a4fe349255f4e5a35d9757cfa9c1e50daa337059d099118c8b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55113
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 05:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:15:03 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 914A 2 KB
2 KB 19ms
19ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri... Frame 914A 153 KB
54 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd18c4dbec8a4fe349255f4e5a35d9757cfa9c1e50daa337059d099118c8b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55113
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 05:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:15:03 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 7090 78 KB
28 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgxRhgQ_eZjmCM8K5cGIvMLciznXQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e68591784cfded415de1a9f6a6c79183971b9458560dce6ece10c138952703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29016
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:46:26 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 914A 78 KB
28 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e68591784cfded415de1a9f6a6c79183971b9458560dce6ece10c138952703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29016
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:46:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 7090 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgxRhgQ_eZjmCM8K5cGIvMLciznXQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6385
date: Mon, 19 Sep 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 03:02:00 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 7090 1 MB
353 KB 75ms
74ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adb172e407e8cab1d00a36f1ade3ac8a41b4f05d3ffd7622500ce38c36cb7529

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-j3JfN3dIYu_7XbjrqsUV2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Mon, 19 Sep 2022 02:48:25 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-j3JfN3dIYu_7XbjrqsUV2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
expires: Mon, 19 Sep 2022 02:48:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 914A 49 KB
20 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgxRhgQ_eZjmCM8K5cGIvMLciznXQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6385
date: Mon, 19 Sep 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 03:02:00 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 914A 1 MB
353 KB 77ms
77ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb4458da29a6c1d7a4d001d06f09513c546741322c6b4a6d8fec4b5830a7be04

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-01eaJEtP776-pvtf5wl8sA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Mon, 19 Sep 2022 02:48:25 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-01eaJEtP776-pvtf5wl8sA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Mon, 19 Sep 2022 02:48:25 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 7090 18 KB
7 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=B4A/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgxRhgQ_eZjmCM8K5cGIvMLciznXQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a88df5478f6afd3e15676a143f0b0b8e0e8c87f03b4c1a908cef98c1402201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7399
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:46:27 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 7090 37 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=B4A/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgxRhgQ_eZjmCM8K5cGIvMLciznXQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b29cf164ab12b5d1220067310ebc72a95a9190969e5e78caa80489bf00d95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13983
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:46:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 7090 131 B
155 B 42ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 229ms
16ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7090 131 B
155 B 38ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 223ms
18ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7090 131 B
155 B 41ms
23ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 213ms
18ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 202ms
17ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7090 131 B
155 B 45ms
26ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 7090 131 B
155 B 35ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 7090 131 B
155 B 39ms
22ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

GET
H2 200 m-outer-34afacfd6ab0f96c9ef6991f605f5d2c.html Show response
js.stripe.com/v3/ Frame 34BA 186 B
843 B 8ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-34afacfd6ab0f96c9ef6991f605f5d2c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5c3432844981b85004117d79c50bcd6b62d7e9221569e751c8a574308783a998

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help-now.safe.org.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 204826
cache-control: max-age=31536000
content-encoding: br
content-length: 114
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:25 GMT
etag: "34afacfd6ab0f96c9ef6991f605f5d2c"
last-modified: Fri, 16 Sep 2022 17:52:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 98914
x-content-type-options: nosniff
x-request-id: 5df29207-f817-4d19-92b5-28806a173e36
x-served-by: cache-hhn4042-HHN

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 914A 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=B4A/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgxRhgQ_eZjmCM8K5cGIvMLciznXQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a88df5478f6afd3e15676a143f0b0b8e0e8c87f03b4c1a908cef98c1402201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7399
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:46:27 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 914A 37 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=B4A/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgxRhgQ_eZjmCM8K5cGIvMLciznXQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b29cf164ab12b5d1220067310ebc72a95a9190969e5e78caa80489bf00d95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13983
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:46:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 914A 131 B
155 B 34ms
19ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 914A 131 B
155 B 35ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 914A 131 B
155 B 37ms
22ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 914A 131 B
155 B 28ms
17ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 914A 131 B
155 B 29ms
18ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 914A 131 B
155 B 33ms
19ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 181ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 log Show response
play.google.com/ Frame 7090 131 B
155 B 31ms
19ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 179ms
179ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 178ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame 7090 131 B
671 B 77ms
29ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 914A 131 B
155 B 35ms
20ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 179ms
179ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 178ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 178ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 179ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 179ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 180ms
180ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 179ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 7FE8 0
127 B 178ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 194ms
19ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 188ms
19ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 92ms
24ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 156ms
23ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 148ms
24ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 142ms
23ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 135ms
25ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 126ms
27ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 100ms
20ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 61ms
24ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Sep 2022 02:48:25 GMT
expires: Mon, 19 Sep 2022 02:48:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 34BA 0
570 B 177ms
176ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 34BA 0
570 B 177ms
177ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-122d41b1660637f8f71cfa00aa46988d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 34BA 526 B
407 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-122d41b1660637f8f71cfa00aa46988d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-34afacfd6ab0f96c9ef6991f605f5d2c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-34afacfd6ab0f96c9ef6991f605f5d2c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 22
x-cache: HIT
content-length: 256
etag: "d96c709017743c0759cf3853d1806ba5"
x-request-id: 7e6dc1ad-2855-458f-b489-0b9d828af5b6
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 17:52:57 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

POST
H3 200 log Show response
play.google.com/ Frame 914A 131 B
155 B 26ms
23ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfridH7xDcEcQsSXqOZo5zRfBOM9DYA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:25 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:25 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DD3F 930 B
1 KB 39ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-122d41b1660637f8f71cfa00aa46988d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 137
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 02:48:25 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 33
x-content-type-options: nosniff
x-request-id: 9f2d2d65-8704-4792-95e2-bbf4b40b14f9
x-served-by: cache-hhn4042-HHN
x-timer: S1663555706.673695,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame DD3F 0
344 B 177ms
176ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: help-now.safe.org.nz
URL: https://help-now.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 02:48:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame DD3F 86 KB
16 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 80
x-cache: HIT
content-length: 16031
x-request-id: bbc1e9ae-e4dc-4510-9003-ea1d8579ebfa
x-served-by: cache-hhn4042-HHN
server: Fastly
x-timer: S1663555706.708266,VS0,VE0
date: Mon, 19 Sep 2022 02:48:25 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 17

POST
H2 200 6 Show response
m.stripe.com/ Frame DD3F 156 B
523 B 567ms
178ms XHR
application/json 52.27.131.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.131.183 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-131-183.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

281737611b8dc7bfd387a14e99ddc2cb50452ebf06ab9649623e89950e7b3a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 02:48:26 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C113 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Goog-Request-Time: 1663555706957
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Eo4Ym46mcxw?rel=0&showinfo=0&autoplay=0
X-YouTube-Client-Version: 1.20220914.01.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiUHE2ZGFrMmU5QSj3sJ-ZBg%3D%3D
X-YouTube-Ad-Signals: dt=1663555704303&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C550%2C309&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 19 Sep 2022 02:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 19 Sep 2022 02:48:26 GMT

GET
H2 200 trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js Show response
js.stripe.com/v3/fingerprinted/js/ 174 B
313 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://help-now.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 41
x-cache: HIT
content-length: 119
etag: "5cbd8f0579eb735eea933bbd78b29553"
x-request-id: 40d12eae-1eb9-4b37-b012-ef5d56f52f62
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Fastly
date: Mon, 19 Sep 2022 02:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

POST
H2 200 0 Show response
r.stripe.com/ Frame A552 0
127 B 178ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-34e5a0ac7505c6d671767379211ed2bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 19 Sep 2022 02:48:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
api.raisely.com/	1970-01-20 06:07:18	Name: __cflb Value: 02DiuDrFw1qRRyJx18kodD7PHZEK1ryy25VLUgGqjkuEk
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _4Y3qzhfTGA
.youtube.com/	1970-01-20 10:25:07	Name: VISITOR_INFO1_LIVE Value: bPq6dak2e9A
.google.com/	1970-01-20 10:29:26	Name: NID Value: 511=MvoXRHiyCRBCbuT6_f38V5B5yjOY-dFrxjMVKwOcnmHkI4Vn4aYNQUt_bMO25jPkuC4gKnUN3foxBG2Hci9_yISjAu4k5v8HBHHJOaNuTWWRVpFe7FwOFKbNhNgB7AbcnNZS1ZiTswEJgy5qWkRpvbRwyzjTz-eLW0i6pBD5yjs
m.stripe.com/	1970-01-20 15:41:55	Name: m Value: c43345a2-e02e-4fdb-885b-be0132b2a69c68e7dd
.help-now.safe.org.nz/	1970-01-20 14:51:31	Name: __stripe_mid Value: 01b4057a-a1ae-4192-8d21-79cae5a588f358992a
.help-now.safe.org.nz/	1970-01-20 06:05:57	Name: __stripe_sid Value: c18f8ed6-adde-40f2-ab61-7629738797b2ec1913

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.raisely.com save-hens.safe.org.nz help-now.safe.org.nz;
Strict-Transport-Security	max-age=86400;
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.raisely.com
cdn.raisely.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
help-now.safe.org.nz
i.ytimg.com
jnn-pa.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
raisely-images.imgix.net
static.doubleclick.net
superb-rudolph.raisely.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
151.101.64.176
185.180.12.68
2606:4700:10::ac43:76c
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:802::2016
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:400c:c00::5c
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:3::720
2a09:8280:1:9169:525:6faf:8a6f:9ab1
52.27.131.183
54.187.159.182
00edbb5cba4de3e007abc081e2350977929dc9835e163b27171f26f7d82fbf79
01a3a24ac02bc760a729aea23d3a55eb3fd4a400a0d957d6af4a0fe3b311f00f
024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef
09306d45a56d4b23ad24b5d37b4ed3bc53ce234e958289215b850b872e30d705
09e4386277bdc6728533219d4ee6375c5eac0c4d8c6ed062737b0a1d092ff1c5
0d598c29412ef0cd35fe19215a8cea3c0ac0eb25b4102e4e4d36f8903434578c
0ee9870d18df955810da252e7bdf864657f3a23fd8c22acab9b77ff645078556
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15890904715929f6944522e202b2cf54d61abeacf89ad293bf42c4da7aac68c7
1cecf1ef5fb5bf9d570548b3cae9efa8cccae10bf92f51cd1a62102b5b5928d6
1f3a7de78c23d8d8ebacb0d40132765f8fb79aadca6ec46616d184313fb3b14e
2050362889acbc224a08ba5b80f58289ca3b3b4ba0abc4684c17b0ae708cdd51
25cd4fc6fb164959da3126b86fca8c41be1b35dbc7d7952d9be27d5724c762f4
281737611b8dc7bfd387a14e99ddc2cb50452ebf06ab9649623e89950e7b3a2a
2cf9256e5762f3ba4f224a0db1d07bbc976fa5b39729019e2bd8c69c446e0372
2e038b9d08aa52236f78b1af732b7f4a87b932dfe25262927ebffc05b60b3bc4
2edf477b34eeaf13d8bb762880aad797ae514af6836d1658a9b43bc26c90a703
2fda0dfc809fcad24cdd2aff053075bb93c3de90317dcd3a14286593d784023a
313a6a4dff0b7cd4800ddcb07017fb1bf186020d98b8c724e1c75fd306ca148c
35ffab8edc29e97e14c1b9e624233b8434e0508c6c4d20448c82bcb3d0e11643
369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429
37744dd6ea73d64cf2caa1fab78b449e84d77693a68c0baf9b724b1fbb6722a5
3c592689c9785a40ef454900cfad61dbc1d4589db59cf19becc2fe5f4f057041
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e758e3805d1be2c556ce79dfe9a7e78d372665240b6924bbcead5c255d317b8
416c8ffa1a59d4cae68371a6582210d44fd0aa1539299bc807f345e08dbc0cef
4282224a008d775bc000abe53fabf696198e22e65aadf0063fac3aad50e90d22
434d631dfd537819c6866ca832c244ee3936108127beae3f111f777410ff849d
47a88df5478f6afd3e15676a143f0b0b8e0e8c87f03b4c1a908cef98c1402201
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
523078baeace0e78f05b56a76a8cfd56de5734077b2b7fb973b735050635ba21
59b29cf164ab12b5d1220067310ebc72a95a9190969e5e78caa80489bf00d95f
5b41f8b5f38e4610eacfc0973cf7a65e774b13f9216658aa0d3f8d19a45069fb
5c3432844981b85004117d79c50bcd6b62d7e9221569e751c8a574308783a998
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f0ebfd4d25bf865533caa0d8fd6bb00aea1c77921e05590efb4b54a95715106
7075dcdf007b578f3a377651395201c80dc1b81b2dc9093e4dde64b036821806
71a4954bfc82b7512ffe6f4c8a53e763a37157f399c94b13b2fe4bd423b5e86e
748946db8a26d574fca067204deb081d499be5e0725191015f5ddde35efd7382
79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
7d851be3abf4964c67dad211d161ebee06fe59e358c7b4605a56e0e763e2be22
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8c0a0cd310cd3e63daa90db8e11dc291a4f9bdd30feb8f57a2e0460294282df9
8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5
8d2cd99c6b8da7923dd000ebcaa342505f6a6d1a9efe914b24dc18b8d16816dc
9038eec8585818c01dcdd60af92c6eee614a23f067f8d1569101510f3d0a526a
9480cb4a593a4bd917aebc87926f15279f159c13f73559594ad63b2a2ef3cb0e
95df2aad4647b6fb6d81c46c1c427edbfc504b9c585da7048ef26b2f70d8fffc
99bdabb19d46120c330ec9c62e232dd6f246c3aa0d221e2cbe6d394f9f54e583
9b3a2f3e39ee7f85aeff60fa8a1d863496fac428e939d631a312f0e0bf1873d1
9ecc94d599b99d64bc98482b647a573fde50858c7a6116bd85010cd678c22ff2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a30c66be02a91f8ee972bf88539fec6ee0913bfa58cd7775ff6f763290bdfb3d
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
adb172e407e8cab1d00a36f1ade3ac8a41b4f05d3ffd7622500ce38c36cb7529
b0a29af6abd7b7399baf0fa46d962bb273efa7d70042d7fbbaa64948c6025f9b
b426bb3142df225c1f448f4467f285b92d3482e08ca9f4f7099611db45df27eb
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c0e425ecade585e9efcdc3dd3e0d5d97baf7e6c19162304bfa6a2fc2aa269184
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c50ea820fcf5b6a29e3b03d92abb22ca9322d98814d4b6ae36475acb2d5ce4ab
c51a67387b8252e3e55cf297927924f3322120503fdd430c25105b0e7f082dfc
cb4458da29a6c1d7a4d001d06f09513c546741322c6b4a6d8fec4b5830a7be04
cc0e0dc8b4c0fa856382e562030f5ca48bd27279e85e3404d4e252d4a06fb0ee
cc45db7fe7b252e70201f7084ee4379b8169dd4c17f1a9f11b28a58d22f14f44
cf4a5827577efb0b940731d56c284dc427963a92861aac865a2f09642ba97f2a
d0e8ef0b8b33b0a1939a1f18ac8242ce9dff985f774a4b216324e9ba7248cd87
d1d9d6947809156a399432448f7d38af1a9f7c9384a1a0a4790b96de6752f014
d6fc00dfb8e0e17becd6731594814432407728ec1d35e85d6dce3b8906c563dd
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8a61bf09678f1263a12352161d92180fd750b9dab7b7490fabf998fb0f463d1
d8e68591784cfded415de1a9f6a6c79183971b9458560dce6ece10c138952703
ddd18c4dbec8a4fe349255f4e5a35d9757cfa9c1e50daa337059d099118c8b1b
de37a8ced3c2cbbb8703819bf19497c39572df574bef15407936bd3f60cc24f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b0186a5bb9858f730ed0311c9d5bc7826cf8ce3d49ce97010b335888963917
edc1224c309f3f6dba409e4b4b16b0c3ced0f71703403c5fbf4f479c6291d926
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
effc224cadf5e8c8e3d27c82708ace3f77a0cc48ab237b4e9de5fd6a06616828
f06a2dca8699c524f629e74dab5f4d02e33d74f7262f02317aa7d1a26ff5617a
f2312e351be5944b4598bce2a1975b1e1450ff671341685de8b88e191ad37a2c
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68e9aa18c5211046aa0f6c9f239c4c7bc9f86cb340c379f6193e82c69dc385f
f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72

help-now.safe.org.nz Open in urlscan Pro 2a09:8280:1:9169:525:6faf:8a6f:9ab1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

213 Requests

99 %HTTPS

82 %IPv6

15 Domains

25 Subdomains

23 IPs

4 Countries

8849 kBTransfer

18181 kBSize

7 Cookies

5 Outgoing links

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

help-now.safe.org.nz Open in urlscan Pro
2a09:8280:1:9169:525:6faf:8a6f:9ab1 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

99 %
HTTPS

82 %
IPv6

15
Domains

25
Subdomains

23
IPs

4
Countries

8849 kB
Transfer

18181 kB
Size

7
Cookies

213 HTTP transactions
1 data transactions