creflodollarministries.org Open in urlscan Pro
40.76.151.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://creflodollarministries.org/give
Effective URL:
https://creflodollarministries.org/give
Submission: On June 15 via api (June 15th 2023, 9:16:54 am UTC) from FI — Scanned from FI

Summary HTTP 122 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 17 domains to perform 122 HTTP transactions. The main IP is 40.76.151.244, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is creflodollarministries.org.
TLS certificate: Issued by Network Solutions OV Server CA 2 on August 31st 2022. Valid for: a year.

This is the only time creflodollarministries.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	40.76.151.244 40.76.151.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	20.60.62.4 20.60.62.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.122.49 18.66.122.49	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:225... 2600:9000:2251:ea00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	184.25.158.47 184.25.158.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
2	52.29.146.197 52.29.146.197	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
15	13.225.78.88 13.225.78.88	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
24	18.66.112.25 18.66.112.25	16509 (AMAZON-02) (AMAZON-02)
10	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
8	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	() ()
1	2a04:4e42:200... 2a04:4e42:200::291	() ()
122	26

11 40.76.151.244 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

creflodollarministries.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.60.62.4 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

worldchangers.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-49.fra60.r.cloudfront.net

static.elevate.salesforce.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2251:ea00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.158.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-158-47.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.146.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-146-197.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.225.78.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-88.fra2.r.cloudfront.net

pages.elevate.salesforce.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 18.66.112.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-25.fra56.r.cloudfront.net

payments-js.elevate.salesforce.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (None, ) 1 redirects

ASN- ()

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::291 (None, )

ASN- ()

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	salesforce.org static.elevate.salesforce.org — Cisco Umbrella Rank: 575310 pages.elevate.salesforce.org Failed payments-js.elevate.salesforce.org — Cisco Umbrella Rank: 993166	696 KB
20	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2351 t.paypal.com — Cisco Umbrella Rank: 3041 c.paypal.com — Cisco Umbrella Rank: 5434 b.stats.paypal.com dub.stats.paypal.com c6.paypal.com	350 KB
11	creflodollarministries.org 1 redirects creflodollarministries.org	275 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	551 KB
8	sharethis.com ws.sharethis.com — Cisco Umbrella Rank: 11381 l.sharethis.com — Cisco Umbrella Rank: 5019	113 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2890 www.google.com — Cisco Umbrella Rank: 3	842 B
5	windows.net worldchangers.blob.core.windows.net	112 KB
4	google.fi www.google.fi — Cisco Umbrella Rank: 27177	688 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 124	502 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	41 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2140	34 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	22 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 749 script.hotjar.com — Cisco Umbrella Rank: 1067	73 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 997	72 KB
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 5225	787 B
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
122	17

	Domain	Requested by
24	payments-js.elevate.salesforce.org	pages.elevate.salesforce.org payments-js.elevate.salesforce.org
15	pages.elevate.salesforce.org	static.elevate.salesforce.org creflodollarministries.org pages.elevate.salesforce.org
11	creflodollarministries.org	1 redirects creflodollarministries.org
10	www.paypal.com	payments-js.elevate.salesforce.org www.paypal.com www.paypalobjects.com
9	www.googletagmanager.com	creflodollarministries.org www.googletagmanager.com www.google-analytics.com pages.elevate.salesforce.org
6	ws.sharethis.com	creflodollarministries.org ws.sharethis.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	worldchangers.blob.core.windows.net	creflodollarministries.org
4	www.google.fi	creflodollarministries.org
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	www.google-analytics.com	creflodollarministries.org www.google-analytics.com www.googletagmanager.com
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
3	region1.analytics.google.com	www.googletagmanager.com
3	cdnjs.cloudflare.com	creflodollarministries.org
2	t.paypal.com
2	www.google.com	creflodollarministries.org
2	l.sharethis.com	ws.sharethis.com creflodollarministries.org
2	maxcdn.bootstrapcdn.com	creflodollarministries.org maxcdn.bootstrapcdn.com
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	chimpstatic.com	creflodollarministries.org
1	fonts.gstatic.com	fonts.googleapis.com
1	static.elevate.salesforce.org	creflodollarministries.org
1	fonts.googleapis.com	creflodollarministries.org
122	27

This site contains links to these domains. Also see Links.

Domain
form.jotform.com
cywestore.com
worldchangers.org
www.arrow-records.com
change-deploy.creflodollarministries.org
cywn.tv
www.worldchangers.org
fellowship.creflodollarministries.org
missions.creflodollarministries.org
cdma.creflodollarministries.org
cdmadministrationnew.cdm-worldchangers.p.azurewebsites.net
www.taffidollar.org
cdmeurope.org
creflodollarevents.com
www.facebook.com
twitter.com
bit.ly
www.instagram.com
2020partner.simplero.com
www.youtube.com

Subject Issuer	Validity	Valid
creflodollarministries.org Network Solutions OV Server CA 2	`2022-08-31` - `2023-10-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-03-20` - `2024-03-20`	a year	crt.sh
static.elevate.salesforce.org DigiCert TLS RSA SHA256 2020 CA1	`2022-11-01` - `2023-10-31`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
philanthropycloud.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://creflodollarministries.org/give
Frame ID: C514A8151DA0EE8AAA3B0AA658CA130C
Requests: 52 HTTP requests in this frame

Frame: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
Frame ID: 0DAE11B735118DC9C69008173B41890C
Requests: 1 HTTP requests in this frame

Frame: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
Frame ID: 83C580483D4A0167FB74AC428C2F6C99
Requests: 21 HTTP requests in this frame

Frame: https://payments-js.elevate.salesforce.org/index.html
Frame ID: 0DE7F282EC756DB3989C05C3C2953477
Requests: 12 HTTP requests in this frame

Frame: https://payments-js.elevate.salesforce.org/paypal.html
Frame ID: 865D82C015848D88B7104AAFD5F19C96
Requests: 17 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=white&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.378&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpPbjVQb0ZuZ1VNalh2Qk9MMHFyOU94MzNYb0ttNzZZSGRJa0Y5bThUTk1pc20tUjNnNUdGTHBtWDQwWl9SeWVhOGg5Q1dTNEZkclUxTzMmY29tcG9uZW50cz1idXR0b25zJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZtZXJjaGFudC1pZD02RlE4NFpKQUpYSllDIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfbGJ5b2FrZW9ycndxeGxxaXNrenp4bGR4Z2tkeHhyIn19&clientID=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&sdkCorrelationID=f3997137ecb5c&storageID=uid_e6188b1fd2_mdk6mty6ndk&sessionID=uid_bd1c319e94_mdk6mty6ndk&buttonSessionID=uid_067d958a43_mdk6mty6ndk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&merchantID.0=6FQ84ZJAJXJYC&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: 3AEF1C65EFA8CDB16F827933C3C6CE9A
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 70BC2686C344143D6BFA7AB234D3F05A
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: B8F55D35CD04839774242EC4207AF7EC
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: E7D07C00C597D9F690318D432519CD76
Requests: 3 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 1839C886E5185483C6A45A58F18A135A
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_bd1c319e94_mdk6mty6ndk&s=SMART_PAYMENT_BUTTONS
Frame ID: 1446DE1200D2B68E515C2F8D7942D0DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Give | Creflo Dollar Ministries

Page URL History Show full URLs

http://creflodollarministries.org/give HTTP 301
https://creflodollarministries.org/give Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)

Page Statistics

122
Requests

98 %
HTTPS

48 %
IPv6

17
Domains

27
Subdomains

26
IPs

3
Countries

2390 kB
Transfer

7173 kB
Size

25
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://form.jotform.com/211607808026048
Title: Prayer

Search URL Search Domain Scan URL

URL: https://cywestore.com/
Title: eStore

Search URL Search Domain Scan URL

URL: https://worldchangers.org/annual-events
Title: Events

Search URL Search Domain Scan URL

URL: http://www.arrow-records.com/
Title: Arrow Records

Search URL Search Domain Scan URL

URL: http://change-deploy.creflodollarministries.org/
Title: Change Magazine

Search URL Search Domain Scan URL

URL: http://cywn.tv/
Title: 24HR Network

Search URL Search Domain Scan URL

URL: http://www.worldchangers.org/
Title: World Changers Church

Search URL Search Domain Scan URL

URL: http://fellowship.creflodollarministries.org/
Title: Fellowship Churches

Search URL Search Domain Scan URL

URL: http://missions.creflodollarministries.org/Missions?Cause=3135
Title: Love thy Neighbour

Search URL Search Domain Scan URL

URL: http://missions.creflodollarministries.org/Missions?Cause=3134
Title: Care for Kids

Search URL Search Domain Scan URL

URL: http://missions.creflodollarministries.org/Missions?Cause=3137
Title: Project Virtue

Search URL Search Domain Scan URL

URL: http://missions.creflodollarministries.org/Missions?Cause=3136
Title: Hope in Disaster

Search URL Search Domain Scan URL

URL: https://cdma.creflodollarministries.org/
Title: Associations (CDMA)

Search URL Search Domain Scan URL

URL: https://cdmadministrationnew.cdm-worldchangers.p.azurewebsites.net/switchboard/eStore?region=$[userregionid%20/]
Title: Bookstore

Search URL Search Domain Scan URL

URL: http://www.taffidollar.org/
Title: Arrow Records

Search URL Search Domain Scan URL

URL: http://missions.creflodollarministries.org/CDGM-Love-Thy-Neighbour
Title: Love thy Neighbour

Search URL Search Domain Scan URL

URL: http://missions.creflodollarministries.org/Care-for-Kids
Title: Care for Kids

Search URL Search Domain Scan URL

URL: http://missions.creflodollarministries.org/CDGM-Project-Virtue
Title: Project Virtue

Search URL Search Domain Scan URL

URL: http://missions.creflodollarministries.org/CDGM-Disaster-Relief
Title: Hope in Disaster

Search URL Search Domain Scan URL

URL: https://form.jotform.com/212208187440046
Title: Submit a testimony

Search URL Search Domain Scan URL

URL: https://cdmeurope.org/
Title: Русскоязычный регион

Search URL Search Domain Scan URL

URL: http://cdmadministrationnew.cdm-worldchangers.p.azurewebsites.net/switchboard/Donations?region=7
Title: Partner Giving

Search URL Search Domain Scan URL

URL: https://creflodollarevents.com/
Title: EVENTS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/europe.cdm/

Search URL Search Domain Scan URL

URL: https://twitter.com/cdm_europe

Search URL Search Domain Scan URL

URL: https://bit.ly/2UCzqOL

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cdm_europe/?hl=en

Search URL Search Domain Scan URL

URL: https://2020partner.simplero.com/page/124241-signup
Title: Partnership

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrefloDollarMinistries/?fref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/Creflo_Dollar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CrefloDollarMinistry

Search URL Search Domain Scan URL

URL: https://www.instagram.com/iamcreflodollar/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://creflodollarministries.org/give HTTP 301
https://creflodollarministries.org/give Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://b.stats.paypal.com/v2/counter.cgi?p=uid_bd1c319e94_mdk6mty6ndk&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_bd1c319e94_mdk6mty6ndk&s=SMART_PAYMENT_BUTTONS

122 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request give Show response
creflodollarministries.org/
Redirect Chain

http://creflodollarministries.org/give
https://creflodollarministries.org/give

37 KB
12 KB

648ms
349ms

Document
text/html

40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

29116426077ea4374a6688f5ccb4155c1b8997c92349956baa9c854f47506758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Length: 11012
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Jun 2023 09:16:45 GMT
Expires: Thu, 15 Jun 2023 10:16:45 GMT
Last-Modified: Thu, 15 Jun 2023 09:16:45 GMT
Request-Context: appId=cid-v1:023793fb-7108-413c-be4a-9d3b97b713ba
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000
Vary: *
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

Redirect headers

Content-Length: 0
Date: Thu, 15 Jun 2023 09:16:44 GMT
Location: https://creflodollarministries.org/give

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 136ms
57ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 617, 617
age: 1785615
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7d79b753db42376b-HEL
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 204ms
70ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,300,400

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Jun 2023 09:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 09:16:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jun 2023 09:16:46 GMT

GET
H2 200 bootstrap-select.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/css/ 11 KB
3 KB 119ms
41ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/css/bootstrap-select.min.css

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2041066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1895
last-modified: Mon, 29 Jun 2020 16:55:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5efa1cee-2bb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tXyxHZkcrM9wBAKGWjEhMQZySKuIAAbxR8IIAkT6Il1%2BtGHQ7kNpO54IAvijQNBnsNqFQzEcg37hzpt3JJVWfVPOXn7STjReaZzFk2qToURpC2HUsOaox8d9RC8ZdDDoh%2BNptj2X43LE6u5309NvSdv"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d79b753de853766-HEL
expires: Tue, 04 Jun 2024 09:16:46 GMT

GET
H/1.1 200
OK Website
creflodollarministries.org/CSS/ 304 KB
69 KB 151ms
148ms Stylesheet
text/css 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/CSS/Website?v=0HnP8hoWRVGmtkwjOlL0B1KB6TKjc-nNAgPyDBk1a6s1

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0862104c2742e228150af9d337aa9339d15669b25d634d1e0689c6160451a238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
X-AspNet-Version: 4.0.30319
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:023793fb-7108-413c-be4a-9d3b97b713ba
Last-Modified: Thu, 15 Jun 2023 09:16:46 GMT
Server: Microsoft-IIS/10.0
Vary: User-Agent,Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: Content-Type
Expires: Fri, 14 Jun 2024 09:16:46 GMT

GET
H/1.1 200
OK custom.modernizr.js Show response
creflodollarministries.org/scripts/ 9 KB
5 KB 430ms
150ms Script
application/x-javascript 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/scripts/custom.modernizr.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e2e9c2a8caf63e6916ffee45f802b86532d1c13b5a480267dbc99c000d6d63b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 4988
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 14 Jun 2021 08:30:43 GMT
Server: Microsoft-IIS/10.0
ETag: "f6f2f190f760d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK prettyPhoto.css
creflodollarministries.org/Content/ 19 KB
4 KB 419ms
141ms Stylesheet
text/css 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/Content/prettyPhoto.css

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a5d6a1ef2468e75bf27fece108ce1d40ff3ea68861db79ceec55205a1e88ec07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 3814
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 14 Jun 2021 08:30:42 GMT
Server: Microsoft-IIS/10.0
ETag: "28173c90f760d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK 2016.css
creflodollarministries.org/Content/ 10 KB
3 KB 420ms
142ms Stylesheet
text/css 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/Content/2016.css

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

12790dce63c6f1eff597d88de839b6123b76b909bad0f8f827baa04d335e3d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 2358
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 14 Jun 2021 08:30:42 GMT
Server: Microsoft-IIS/10.0
ETag: "acf53290f760d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK print_header.jpg
worldchangers.blob.core.windows.net/pieces/print/ 37 KB
37 KB 655ms
158ms Image
image/jpeg 20.60.62.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldchangers.blob.core.windows.net/pieces/print/print_header.jpg
Requested by: Host: creflodollarministries.org
URL: https://creflodollarministries.org/give
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fe5ed75cb1afefdefa31721ca5ed6c5b9a63b9f921e12877a96180f5d423a22b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 15 Jun 2023 09:16:46 GMT
Last-Modified: Fri, 30 Jun 2017 14:18:10 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: N2TaIikL66WWwqrEWwt9hQ==
ETag: 0x8D4BFC2D637D947
Content-Type: image/jpeg
x-ms-request-id: 52138592-301e-00ac-516a-9fe417000000
x-ms-version: 2009-09-19
Content-Length: 37910

GET
H/1.1 200
OK cdm_logo.png
worldchangers.blob.core.windows.net/uploads/cdm/ 28 KB
28 KB 662ms
163ms Image
image/png 20.60.62.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldchangers.blob.core.windows.net/uploads/cdm/cdm_logo.png
Requested by: Host: creflodollarministries.org
URL: https://creflodollarministries.org/give
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f8b34e2691831dd7335343860d1e3650ae3cb549aced769a151402995d37a4a0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 15 Jun 2023 09:16:46 GMT
Last-Modified: Tue, 18 Aug 2020 16:21:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: eiCU09y3ntl/NPelsYhzNQ==
ETag: 0x8D84392C63AB5D9
Content-Type: image/png
x-ms-request-id: 16c2c1dd-b01e-0046-6a6a-9fc339000000
x-ms-version: 2009-09-19
Content-Length: 28413

GET
H/1.1 200
OK 201601273141_generic-1024.jpg
worldchangers.blob.core.windows.net/uploads/banners/ 68 B
471 B 663ms
151ms Image
image/jpeg 20.60.62.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldchangers.blob.core.windows.net/uploads/banners/201601273141_generic-1024.jpg
Requested by: Host: creflodollarministries.org
URL: https://creflodollarministries.org/give
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 15 Jun 2023 09:16:46 GMT
Last-Modified: Thu, 06 Jul 2017 11:39:21 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: l4wb7knXrV/BpNgQmbE+GA==
ETag: 0x8D4C463A4D582F7
Content-Type: image/jpeg
x-ms-request-id: 337538f4-501e-004e-2e6a-9fd936000000
x-ms-version: 2009-09-19
Content-Length: 68

GET
H/1.1 200
OK cdm_logo.png
worldchangers.blob.core.windows.net/elements/logos/ 2 KB
2 KB 609ms
144ms Image
image/png 20.60.62.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldchangers.blob.core.windows.net/elements/logos/cdm_logo.png
Requested by: Host: creflodollarministries.org
URL: https://creflodollarministries.org/give
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c419424328d978ea6ebc6dd97f9bbbc5ec3c4b9dcfddc25383b283890955b2aa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 15 Jun 2023 09:16:46 GMT
Last-Modified: Mon, 03 Jul 2017 11:29:51 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 80zlFRK4dKadcQv6dTaSvA==
ETag: 0x8D4C206D1C4259A
Content-Type: image/png
x-ms-request-id: 9061de65-e01e-00af-716a-9f0573000000
x-ms-version: 2009-09-19
Content-Length: 2054

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
creflodollarministries.org/Scripts/ 87 KB
39 KB 154ms
153ms Script
application/x-javascript 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/Scripts/jquery-3.6.0.min.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 39742
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 16 Jul 2021 12:22:07 GMT
Server: Microsoft-IIS/10.0
ETag: "35946d313d7ad71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK Website Show response
creflodollarministries.org/JS/ 350 KB
138 KB 150ms
150ms Script
text/javascript 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/JS/Website?v=5A8OCxf2zwE7TR6ChjIPEDSmmGHAbS7rThRgWG_Qbqs1

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d9776113b6231305c8d399ab21532e47bd368d31a50788cb9c96fc2eb2724349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
X-AspNet-Version: 4.0.30319
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:023793fb-7108-413c-be4a-9d3b97b713ba
Last-Modified: Thu, 15 Jun 2023 09:16:46 GMT
Server: Microsoft-IIS/10.0
Vary: User-Agent,Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: Content-Type
Expires: Fri, 14 Jun 2024 09:16:46 GMT

GET
H2 200 sdk.js Show response
static.elevate.salesforce.org/donation-widget/ 22 KB
9 KB 235ms
89ms Script
application/javascript 18.66.122.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elevate.salesforce.org/donation-widget/sdk.js
Requested by: Host: creflodollarministries.org
URL: https://creflodollarministries.org/give
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fe44eda0231a3a5e6b244a8ec36318fe886df6fc5a38a9fcf1fcd5575050e5c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:41:20 GMT
content-encoding: gzip
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-amz-version-id: r7VmzD09PoyAflWpVLmIbUPWWYKAUpr5
x-amz-request-id: 3E1VTWWWNZS53R0Z
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
age: 2127
x-cache: Hit from cloudfront
content-length: 8940
x-amz-id-2: R7E9G/+o6kl3M1ZHTLNHqzr75f5UssyH7yQlHAnL66nocvs65CxOf/091nxyMQwhbGsM72bXp4k=
last-modified: Fri, 14 Oct 2022 23:40:56 GMT
server: AmazonS3
etag: "96af57c39997b4ea965b6dcb1258cd2a"
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: sYHkTNRdPSS6R2AdjAeg75ibjtd0J9fxVqzQOjMz5KvhKeP3eEp-_Q==

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 106 KB
27 KB 250ms
85ms Script
application/javascript 2600:9000:2251:ea00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/buttons.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ea00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

0e62ab3ba4b38fed7e3c12eb6198068550e4988df3d4e2cf062bca914b71b8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 09:11:57 GMT
content-encoding: gzip
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 86689
x-cache: Hit from cloudfront
content-length: 27574
server: nginx/1.20.1
etag: W/"648758c3-1a94a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: RvJrsbQCz7Du9UvRCEe7stE7jDVliMkvogK3sfTKi0xx-hA3p6mJ_w==
expires: Sat, 17 Jun 2023 09:11:57 GMT

GET
H/1.1 200
OK jquery.snorlax-0.0.1.js Show response
creflodollarministries.org/scripts/ 1 KB
1 KB 150ms
141ms Script
application/x-javascript 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/scripts/jquery.snorlax-0.0.1.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

39e3c60f81895117aebd6b042d88eb3e08b2c81810bfccd9f63645f90f7b8509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 730
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 16 Jul 2021 11:45:18 GMT
Server: Microsoft-IIS/10.0
ETag: "c8fbb9c387ad71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK jquery.cd-charcounter-1.0.0.min.js Show response
creflodollarministries.org/scripts/ 874 B
1 KB 151ms
142ms Script
application/x-javascript 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/scripts/jquery.cd-charcounter-1.0.0.min.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c0aac7c36fab3ad110b18a455ead491f453319bfe6a0865a722bc792beb0c8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 579
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 14 Jun 2021 08:30:44 GMT
Server: Microsoft-IIS/10.0
ETag: "bfb64691f760d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK understanding-grace.js Show response
creflodollarministries.org/scripts/ 2 KB
1 KB 339ms
184ms Script
application/x-javascript 40.76.151.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creflodollarministries.org/scripts/understanding-grace.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.151.244 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3f5659d6781728e01ba6972516fd9d9d3c929d80edad34ff55f7fd16fe35e71d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/give
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 855
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 14 Jun 2021 08:30:44 GMT
Server: Microsoft-IIS/10.0
ETag: "d6f95f91f760d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type

GET
H2 200 bootstrap-select.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/js/ 52 KB
14 KB 62ms
54ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/js/bootstrap-select.min.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 748342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13973
last-modified: Mon, 29 Jun 2020 16:55:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5efa1cee-d18c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2Bg0aLOhBY3bqt%2FnOvvNHsbR0IxZ%2BoH2ezWM9O%2BV9gd97Ta0YUDS4Ey3%2BuwdSecaQUo9OLsLrAa8URW3pQmEqHdhDb5i3a0b7%2B8XoUXk38QK94nMmbW62kaRbmFhSvDs0CojqWBs%2B6YbA33YdI9PWjWc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d79b7564bbc3766-HEL
expires: Tue, 04 Jun 2024 09:16:46 GMT

GET
H2 200 jquery.prettyPhoto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/prettyPhoto/3.1.6/js/ 23 KB
6 KB 60ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/prettyPhoto/3.1.6/js/jquery.prettyPhoto.min.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9968c81381403205040781618277724c6790a0450baa762d95a214f31ebdef3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8415159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5331
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-5c18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty0n30cltfWJgWDMrdWXNTQK771sCEx0k3wFZaa2qKrfIhziEilNR99YL09rp3FQWqWCEJ8mYMClVZWOg2vHfr8SWR9moEcX6LQdbZpnhlbm2%2BoT4bJQ6eL8jRDi4AK2JkZMNxkA4KR8%2B5mP%2B5fEWjED"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d79b7564bc03766-HEL
expires: Tue, 04 Jun 2024 09:16:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
63 KB 270ms
120ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TML5TVL

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7f83a622c1b564255e1ff40696182189f5a1305795541b203c0be8972674221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63613
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 09:16:46 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 213ms
61ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://creflodollarministries.org
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 464102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 00:21:44 GMT

GET
H/1.1 200
OK 41419a0e60328b148a21dc289.js Show response
chimpstatic.com/mcjs-connected/js/users/ced32e9027a724902b35ee0dc/ 50 B
787 B 411ms
176ms Script
application/javascript 184.25.158.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/ced32e9027a724902b35ee0dc/41419a0e60328b148a21dc289.js
Requested by: Host: creflodollarministries.org
URL: https://creflodollarministries.org/give
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.158.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-158-47.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 113, 406, 106, 101
Date: Thu, 15 Jun 2023 09:16:46 GMT
Last-Modified: Fri, 26 Jul 2019 08:27:20 GMT
Server: AmazonS3
x-amz-request-id: 2EAV56QMXNXCR0PF
X-EdgeConnect-MidMile-RTT: 0, 0, 0, 7
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1776
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: vQfesWXJVwIviHoIGEWoyG54Capx6iWlmpZut2EJmCFHf/HFkrA4c2PRFtYoV6XL1DYZ8AZV4WY=
Expires: Thu, 15 Jun 2023 09:46:22 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 132ms
89ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://creflodollarministries.org
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
cdn-cachedat: 08/15/2022 13:52:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5d62c1a3803e7d6b08afa30a556e5f8a
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7d79b7568829fe2c-HEL
cdn-requestpullsuccess: True

GET
H2 200 hotjar-2966531.js Show response
static.hotjar.com/c/ 9 KB
4 KB 269ms
97ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2966531.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TML5TVL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

2a0a930bc06b05855129689401fa6e7c2980c1470db1453b41377476f3f0a4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/3432923861c062c28ea266ce97fc4179
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: IVNIfe_kuRtVpvmAK_2t9VZIr7PZK_QsuA4-EYdB1LjnElYjDVWAOg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
82 KB 83ms
83ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S7KFZVPNCC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TML5TVL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d01ee3d2e0a22a81b1962c89e7b6cc8f256a0a3fc24761dd5b923dd4bc679d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83588
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 09:16:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
52 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7W9KD5

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd14bd3b1230779383bd7491984f5b2e64a0fbb06ebd1643f4236ec6d49554dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52758
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 09:16:47 GMT

GET 6c5e3583-718e-496c-ac5e-1b8886deb112
pages.elevate.salesforce.org/embed/ Frame 0DAE 0
0

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 79ms
71ms Script
application/javascript 2600:9000:2251:ea00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ea00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 02:31:44 GMT
content-encoding: gzip
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
age: 24303
etag: W/"64875910-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: cF6M11wKCR5Z1q11swsF9E-7hHxp0JG3yKFUzgSaKrTqM59HporQWg==
expires: Sun, 18 Jun 2023 02:31:44 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
413 B 232ms
57ms XHR
text/plain 52.29.146.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1686820607097.70210&hostname=creflodollarministries.org&location=%2Fgive&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fcreflodollarministries.org%2Fgive&title=Give%20%7C%20Creflo%20Dollar%20Ministries&sop=false&description=&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.146.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-146-197.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://creflodollarministries.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 222ms
63ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 08:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2480
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 15 Jun 2023 10:35:27 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 109ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S7KFZVPNCC&gtm=45je36c0&_p=192010165&_gaz=1&cid=918653018.1686820607&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686820607&sct=1&seg=0&dl=https%3A%2F%2Fcreflodollarministries.org%2Fgive&dt=Give%20%7C%20Creflo%20Dollar%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S7KFZVPNCC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
262 B 204ms
70ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S7KFZVPNCC&cid=918653018.1686820607&gtm=45je36c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S7KFZVPNCC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
409 B 207ms
74ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S7KFZVPNCC&cid=918653018.1686820607&gtm=45je36c0&aip=1&z=698956840

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6c5e3583-718e-496c-ac5e-1b8886deb112 Show response
pages.elevate.salesforce.org/embed/ Frame 83C5 223 KB
25 KB 595ms
595ms Document
text/html 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/JS/Website?v=5A8OCxf2zwE7TR6ChjIPEDSmmGHAbS7rThRgWG_Qbqs1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

/ Next.js

Resource Hash

934b53d54eb38e2d87c80ba7d3efb3e512a98bf0e38af24d0ed0dc2c480b28b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://creflodollarministries.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 15 Jun 2023 09:16:47 GMT
etag: "37b5e-RwcYtvRIqf+sHCf+qRpdeVc9XZg"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: KDGeIyDZ8sXriXYjgmcCzO_Uzr8tR9KI9gXqNyeeNzV-U4rCTWWe3g==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-powered-by: Next.js

GET
H/1.1 200
OK 201708234237_201601273142generic-1024.jpg
worldchangers.blob.core.windows.net/uploads/banners/ 43 KB
44 KB 141ms
141ms Image
image/jpeg 20.60.62.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldchangers.blob.core.windows.net/uploads/banners/201708234237_201601273142generic-1024.jpg
Requested by: Host: creflodollarministries.org
URL: https://creflodollarministries.org/give
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 75af3f02e261fd1de03fcb2481abba8a3ca2f545184f03887f34a5cc0cd0b23f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 15 Jun 2023 09:16:46 GMT
Last-Modified: Wed, 23 Aug 2017 07:42:37 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: u+3lVzmG+s3CPX0Q5CCMYA==
ETag: 0x8D4E9FA86C7F279
Content-Type: image/jpeg
x-ms-request-id: 16c2c2f5-b01e-0046-666a-9fc339000000
x-ms-version: 2009-09-19
Content-Length: 44146

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 68ms
64ms Image
text/plain 52.29.146.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.146.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-146-197.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 modules.5718b73ab85bca652332.js Show response
script.hotjar.com/ 270 KB
69 KB 204ms
67ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5718b73ab85bca652332.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2966531.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

5bad0658ea23d85d08fe0c5484686cf9c7e7ebefefc47627c8013a0f1647c289

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 09:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 85360
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 70036
last-modified: Wed, 14 Jun 2023 09:33:13 GMT
etag: "aa0a9ff38247ad4cf62104f735a1a78c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: BO3CssZvPIXESHDmyMwc34ciVK1BfFdRWCRbVw59JvYLtwLmsXumMA==

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 63ms
62ms Stylesheet
text/css 2600:9000:2251:ea00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ea00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 02:31:45 GMT
content-encoding: gzip
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 12 Jun 2023 17:42:41 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
age: 24302
etag: W/"64875911-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: RmHnoiDC517SJRS5ztndIo_fQoKo--sS_kPuCUwpFUJVBsib3q8l-g==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
230 B 70ms
69ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=192010165&t=pageview&_s=1&dl=https%3A%2F%2Fcreflodollarministries.org%2Fgive&ul=en-us&de=UTF-8&dt=Give%20%7C%20Creflo%20Dollar%20Ministries&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=583998501&gjid=1574626399&cid=918653018.1686820607&tid=UA-73618700-1&_gid=1271593965.1686820607&_r=1&_slc=1&z=1657790416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3b70feb9f0a15b537edabab9a6e35128338fa8cd81ce133467e4d8cd692dffda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://creflodollarministries.org/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
70 B 67ms
67ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=192010165&t=pageview&_s=1&dl=https%3A%2F%2Fcreflodollarministries.org%2Fgive&ul=en-us&de=UTF-8&dt=Give%20%7C%20Creflo%20Dollar%20Ministries&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=7913170&gjid=250112813&cid=918653018.1686820607&tid=UA-73618700-1&_gid=1271593965.1686820607&_r=1&gtm=45He36c0n81N7W9KD5&z=372978341

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://creflodollarministries.org/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 65ms
65ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-73618700-1&cid=918653018.1686820607&jid=583998501&gjid=1574626399&_gid=1271593965.1686820607&_u=IADAAEAAAAAAACAAI~&z=1890894878

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://creflodollarministries.org/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0SVHL5MWWD&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecc0c6a3472dedaec0d67d0fb65a5e342929b1afa41f203454f1e707fd8cda7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 09:16:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
71 B 65ms
65ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-73618700-1&cid=918653018.1686820607&jid=7913170&gjid=250112813&_gid=1271593965.1686820607&_u=YADAAEABAAAAACAAI~&z=598459738

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://creflodollarministries.org/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 225ms
89ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-73618700-1&cid=918653018.1686820607&jid=583998501&_u=IADAAEAAAAAAACAAI~&z=406827114

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
108 B 71ms
71ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-73618700-1&cid=918653018.1686820607&jid=583998501&_u=IADAAEAAAAAAACAAI~&z=406827114

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 213ms
85ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-73618700-1&cid=918653018.1686820607&jid=7913170&_u=YADAAEABAAAAACAAI~&z=2020288937

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
108 B 72ms
71ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-73618700-1&cid=918653018.1686820607&jid=7913170&_u=YADAAEABAAAAACAAI~&z=2020288937

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
46 B 35ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0SVHL5MWWD&_ono=1&gtm=45je36c0&_p=192010165&_gaz=1&ul=en-us&sr=1600x1200&cid=918653018.1686820607&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&_s=1&dl=https%3A%2F%2Fcreflodollarministries.org%2Fgive&dt=Give%20%7C%20Creflo%20Dollar%20Ministries&sid=1686820607&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SVHL5MWWD&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 66ms
66ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-0SVHL5MWWD&cid=918653018.1686820607&gtm=45je36c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SVHL5MWWD&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fi/ads/ 42 B
63 B 75ms
75ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-0SVHL5MWWD&cid=918653018.1686820607&gtm=45je36c0&aip=1&z=1830140030

Requested by

Host: creflodollarministries.org
URL: https://creflodollarministries.org/give

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 83C5 231 KB
82 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C45FR8ZYRX

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5322dce1361fe14a766842c8354cf491812952ade74cf5a7f27a17031fd73770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83664
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 09:16:47 GMT

GET
H2 200 elevate-sdk.min.js Show response
payments-js.elevate.salesforce.org/ Frame 83C5 183 KB
35 KB 210ms
81ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/elevate-sdk.min.js
Requested by: Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 456a4c5dfca53be2fd8a92cc40502f7614ec6872fc18f23b77176324cdc576c8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: LJ5E1jZyDnBugwOq5inqDkolUIxWOKOa
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 05:43:49 GMT
x-amz-request-id: QA2T6VR9TJK9RFMF
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 12780
x-cache: Hit from cloudfront
content-length: 35109
x-amz-id-2: ZOCQ7BoflBPrjn50tzBNfQvh5nkpph+UVWL6R/TlZiONt7cm9flmcEpYttMYYk1vMEVfeKOUOWWTzNftagSqCTqFsx4gQm+Z2Kps87F01xE=
last-modified: Thu, 19 Jan 2023 00:15:53 GMT
server: AmazonS3
etag: "2773d3f0d43291ab06ec3dc35534bf1d"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 4TYFeL_KOl3V1y0gVLLspzXvTsSA0IuZHXUi-ZLW_lxDr2k0QqhtZQ==

GET
H2 200 00050b4304cddbc3.css
pages.elevate.salesforce.org/_next/static/css/ Frame 83C5 21 KB
3 KB 73ms
73ms Stylesheet
text/css 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/css/00050b4304cddbc3.css

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

7a5a45232acd44e6f2148d33f80af06da890e04b5bd4ea0aa62cf2f94ea982c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:22:13 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 7378
etag: W/"55c5-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: mtc6Tvob49KVbgktQ1hIrejhU8-mfdh-MTXIsWLYSG6H6pGYX3Zz6g==

GET
H2 200 4940d2bda6645e64.css
pages.elevate.salesforce.org/_next/static/css/ Frame 83C5 6 KB
1 KB 74ms
74ms Stylesheet
text/css 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/css/4940d2bda6645e64.css

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

9016ad214221d3a380a5543f102ae3451e19a716b9b9a32cfc1bb278197e5a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Wed, 14 Jun 2023 11:25:30 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 78676
etag: W/"19bb-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: qbQ1Ou3aFRSsc5tfRFMMGGOkuJxI3GTuiS3BWZPqSudnhALhax-ieQ==

GET
H2 200 webpack-378e68e29c265886.js Show response
pages.elevate.salesforce.org/_next/static/chunks/ Frame 83C5 2 KB
1 KB 58ms
58ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/webpack-378e68e29c265886.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

c112122123af6e36a38d5da11b0ca4cf5a74d7f0f3dcd38b26c52ab33d0c0396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:22:13 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 7379
etag: W/"6d4-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 886
x-amz-cf-id: rVoeI6ijsVVPd8p-4R-N2OBMdeCRS__RTFMK-E5ikMwjivt5ejtDAg==

GET
H2 200 main-e945c3224c3537dd.js Show response
pages.elevate.salesforce.org/_next/static/chunks/ Frame 83C5 117 KB
35 KB 72ms
71ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/main-e945c3224c3537dd.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

b4f849a31827ce40954dd785d78d19c114188dc2287fcdd59cdf0e9a84c95f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:22:13 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 7379
etag: W/"1d22e-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: cWGqqNuFLfkbvIG1bRvmV9S9gpf-7mmj8t7y9KKjT2Hr_pp_ufA-gA==

GET
H2 200 _app-eaf9814da1c170eb.js Show response
pages.elevate.salesforce.org/_next/static/chunks/pages/ Frame 83C5 1 MB
327 KB 71ms
69ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/pages/_app-eaf9814da1c170eb.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

fbe8e036c45d75525306adf8848514a164bb69672abdbc1e429ce99e9d018ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:22:13 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 7379
etag: W/"129bce-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: L-v7jay7uqS-I-RlwxSaUTMybpT5KQJvE4fo6y5XW3AppRYlANhq5g==

GET
H2 200 1bfc9850-33150c2d06f1b409.js Show response
pages.elevate.salesforce.org/_next/static/chunks/ Frame 83C5 2 KB
2 KB 200ms
197ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/1bfc9850-33150c2d06f1b409.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

6ab61f2ea49fa9ab22d96a4fd4ba28df7b65e9165aba42023c024753421940b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Wed, 14 Jun 2023 13:41:11 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 70537
etag: W/"865-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 1104
x-amz-cf-id: PlrOj2ar2c_A22CmODbGjzJMcCT-0LZIHmn0n64aPbNiz12w-HZQYw==

GET
H2 200 d7eeaac4-5e37b4642cd89372.js Show response
pages.elevate.salesforce.org/_next/static/chunks/ Frame 83C5 920 B
1 KB 200ms
197ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/d7eeaac4-5e37b4642cd89372.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

58efae21c6e49a50e769675ebbf5a6b7328db3c131b8734fda1f6bf18743ec16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:22:13 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 7379
etag: W/"398-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 920
x-amz-cf-id: OsfELuW6TEekO5izZ5K_bJ7a9BuvnS6869L4Y6wnTA-4ibW4rDQwAg==

GET
H2 200 775-ce67c0dc087b4cc4.js Show response
pages.elevate.salesforce.org/_next/static/chunks/ Frame 83C5 20 KB
8 KB 207ms
205ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/775-ce67c0dc087b4cc4.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

e6dfdc1fcf0e5767b89c283e8f9f3745ae6abfd712d5e086ed5961aae22b63db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:22:13 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 7379
etag: W/"508c-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: Gz5MMbt646SHK3TPDLXCjO1kon4qad_-MGIeo2QatndxVzfQ6haE7w==

GET
H2 200 87-9a9fee8afc5782fd.js Show response
pages.elevate.salesforce.org/_next/static/chunks/ Frame 83C5 74 KB
21 KB 204ms
202ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/87-9a9fee8afc5782fd.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

88e079f49c3e911717bb90444158cece214d673b70995b2883d3c0908dbb95ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Wed, 14 Jun 2023 11:25:31 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 78677
etag: W/"12640-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: zVvvQMNEfzkbYLS5p6dMsCJjFu8c_Yh9KnChZP0RfNm325VZ1MSKEA==

GET
H2 200 %5BgivingPageId%5D-6a94b79e85896bf1.js Show response
pages.elevate.salesforce.org/_next/static/chunks/pages/embed/ Frame 83C5 8 KB
4 KB 209ms
206ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/pages/embed/%5BgivingPageId%5D-6a94b79e85896bf1.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

8b88d06e22d8d0e9a05d62e0bd6b2516d72656681b2d70438fb648438f7e6478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:56:54 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 5621
etag: W/"1e0c-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: wm533TtkVsGxoCQXFSYHDEc7QwtY2PHIeuAGE3fmXh8ZCU_zXYAOFQ==

GET
H2 200 _buildManifest.js Show response
pages.elevate.salesforce.org/_next/static/zmNBvrqnptpovmWs6EoeD/ Frame 83C5 974 B
1 KB 205ms
203ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/zmNBvrqnptpovmWs6EoeD/_buildManifest.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

7bee58add5e14cd2cf1672f57af66004a5aca290d383bda06dc1bf0a48c00b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Wed, 14 Jun 2023 21:09:15 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 43653
etag: W/"3ce-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 974
x-amz-cf-id: YFDz084ObBpfO_7wR21i_j9CChv76WWwK4GWQ8NzcxobiNAwCOP7-w==

GET
H2 200 _ssgManifest.js Show response
pages.elevate.salesforce.org/_next/static/zmNBvrqnptpovmWs6EoeD/ Frame 83C5 77 B
515 B 209ms
207ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/zmNBvrqnptpovmWs6EoeD/_ssgManifest.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:22:13 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 7379
etag: W/"4d-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 77
x-amz-cf-id: s6FpWuc47Jq2Sh0ZaqtcVerCscVinfRYfRppoRtPZ38UPRHBFEpR-Q==

GET
H2 200 _middlewareManifest.js Show response
pages.elevate.salesforce.org/_next/static/zmNBvrqnptpovmWs6EoeD/ Frame 83C5 92 B
531 B 207ms
206ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/zmNBvrqnptpovmWs6EoeD/_middlewareManifest.js

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:22:13 GMT
last-modified: Tue, 30 May 2023 23:01:13 GMT
x-amz-cf-pop: FRA2-C2
age: 7379
etag: W/"5c-1886ee4dea8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 92
x-amz-cf-id: l3-kNxvW6ooww9sHsXg-bJ6bvAjoSzQgpS3LSIWvuw87m4aOO7KsRQ==

GET
H2 200 SalesforceSans-Regular-679547df303acfaf9b97f4847d47e9df.woff2
pages.elevate.salesforce.org/_next/static/chunks/fonts/ Frame 83C5 27 KB
27 KB 181ms
180ms Font
font/woff2 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.elevate.salesforce.org/_next/static/chunks/fonts/SalesforceSans-Regular-679547df303acfaf9b97f4847d47e9df.woff2

Requested by

Host: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-88.fra2.r.cloudfront.net

Software

Resource Hash

6f2251079db9fde7d456ba66a9294899f3024dac928bec71b3ce42e1568f304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112
Origin: https://pages.elevate.salesforce.org
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 spaces-router (devel), 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 00:33:36 GMT
last-modified: Tue, 30 May 2023 23:01:00 GMT
x-amz-cf-pop: FRA2-C2
age: 31392
etag: W/"6c24-1886ee4abe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 27684
x-amz-cf-id: IJGrD_OtEr5X0T6jatxHNpBlFfGdUsGEIqMPT5Cqt8_nhwjxINtImQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 83C5 124 KB
48 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187836839-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C45FR8ZYRX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32166a64c06bb2ce88de2a9f0e50f706b242ac27176cdeb50844c363f2342194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49226
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 09:16:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 83C5 177 KB
65 KB 87ms
86ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-189038361-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C45FR8ZYRX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f2ff0053aa7f14489bed373945610a16009cc7adbed1cb5a132c1c4700c0740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66213
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 09:16:48 GMT

GET
H2 200 index.html Show response
payments-js.elevate.salesforce.org/ Frame 0DE7 1 KB
1 KB 78ms
77ms Document
text/html 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/index.html
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/elevate-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40a36025c13edd9bfbc51ba8e19f5f7ed6fe774e87fd4762751f66683e367e08

Request headers

Referer: https://pages.elevate.salesforce.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 29731
content-encoding: gzip
content-length: 565
content-type: text/html
date: Thu, 15 Jun 2023 01:01:18 GMT
etag: "2741f0b5c2af6224e7bbc91ab367bf3a"
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-id: YgEWEdj9YFAj_eswnMcZDtwpRI6SdQTrhmFE1ZO6Rhi_Qi9EJhRW6Q==
x-amz-cf-pop: FRA56-P5
x-amz-id-2: QyfAutGQ1gxGbjFLYIP0paLnQauE7WzBg+mGIDZVqi2wZ6Js+QvUf6/el4tS6HbuHUvtoZMS06A=
x-amz-request-id: NER6XJZ01T6JPTDR
x-amz-server-side-encryption: AES256
x-amz-version-id: 24VuGvPviMCLyuXExJ3ZLLS_v8aV2KFm
x-cache: Hit from cloudfront

GET
H2 200 paypal.html Show response
payments-js.elevate.salesforce.org/ Frame 865D 1 KB
1 KB 95ms
95ms Document
text/html 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/paypal.html
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/elevate-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 454defb7d1cd172750cf615f594ca748f85a676bd455b2606d75b10f0770db4e

Request headers

Referer: https://pages.elevate.salesforce.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 82688
content-encoding: gzip
content-length: 575
content-type: text/html
date: Wed, 14 Jun 2023 10:18:40 GMT
etag: "f1edf49ffa9ec73e8c32b0d71458a471"
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-id: 2Wd0tjHLW8IwpaVRbHV5z_Fs_BpWeH7vnZWV0iBthLpUrjAaeKoohw==
x-amz-cf-pop: FRA56-P5
x-amz-id-2: +vt9VaHEaBS4My8QnthGKpKDTSFVC0w5B2XuH6XN06H+WJ4inAP8GKktd/hLFi8gRSMuV8v4Df4=
x-amz-request-id: G9281SFQFW7M4H3N
x-amz-server-side-encryption: AES256
x-amz-version-id: YNV3W.CkDM57JFLcYVxM8aQHR.N1fAhG
x-cache: Hit from cloudfront

GET
H2 200 webpack-9b312e20a4e32339.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 0DE7 2 KB
1 KB 93ms
92ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/webpack-9b312e20a4e32339.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c28ee2b2973f6d6e13388d4d57b1e148070d844bd6c5481859a1db612eacc0d7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: GwtlwsErNLPnwj5imOhSbm_AxH9MZ3lX
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: EX4MMT8DHSCRRHMT
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 836
x-amz-id-2: KwaqDrRv56+M4yErpb9L354/X8cy39eO1JuW/y6AqfdB9ZLSYAUt/9FUDerDCgiJXp4OFjA5S1Q=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "5296e3b4a7c2dcfcf94b5308a5225074"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: fj7Ltdk2YLwiF0uSWsdgQC2PcWpYAThRGlq7YEHlITmbSZzHUPZ1pQ==

GET
H2 200 main-f8db2f2d77038953.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 0DE7 119 KB
35 KB 82ms
82ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/main-f8db2f2d77038953.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89a2caba9f11ead9786d764661425b4035a22b52a253871d07370c914d324378

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: k4aZINprSGnbIhSGcwbqWBPaPleVOuvD
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: 3GZ9EE0R5D78Y57A
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 35108
x-amz-id-2: afR+jeA+agmkhNVfoqER1EBVf5tILvQAZxkwYr6sLmAD23i2Nqwj0rkrb36c05ioMiZkDNogrSbBd9Ai0Jo6Kg==
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "2591156cbba504b1fbe02c4dfb918284"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: RWdd6vBC7QAp2ac2D24WxyulQRarw9zESGxIgnXKkY0bvP_j0WWGqw==

GET
H2 200 _app-3193c29be6c582f3.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/pages/ Frame 0DE7 3 KB
2 KB 169ms
165ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/pages/_app-3193c29be6c582f3.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf802a6ab31409719f7fb4b2f5c9afd771f6db79c880dcb80522471817eb79ad

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Nfjy9WT5PBwBRxK0vItDsbZFXxZrHcWK
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 06:30:32 GMT
x-amz-request-id: 3GZ1DDBHYCVVVSCD
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 9978
x-cache: Hit from cloudfront
content-length: 1359
x-amz-id-2: 9yTYpoO0gNerA35UBHHGV0cRzJBLP3/PaJfmqAMU7WKW/s4fHe+T/TN3jB3iINd9x+Us5hHrmJk=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "79ec61fa9213df97083081eda7ab26b1"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 5OaXUZ6zi8RfGd86nLKr-JUga9xmi1oWYALAnm7EAsuADLekepvvww==

GET
H2 200 26-344c01f67f68b2ab.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 0DE7 16 KB
6 KB 159ms
155ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/26-344c01f67f68b2ab.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643201751ef6cc1dd1e9cfb58faf6a93777dc3268a74e39ce8b0153895f7102d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 7.KHmEnediESZKb6JHeNrBJhcsi.v_2g
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 06:30:32 GMT
x-amz-request-id: KVZS7YDRH0DH61AJ
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 9978
x-cache: Hit from cloudfront
content-length: 5704
x-amz-id-2: bi6eMaAlLTYOQXnM1/DXtHXE1C80rDu5drishULs4LaXd2Whp0xgy8fybPGOH3kLj1ViT1tP0lQ=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "335a03009efbdfbd882359b07f6f44ad"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 41YEUZvTL4aAVyTcVxGZzY8zVJFDZNP8WB1fJqgTtkW1h7-B4hfHrg==

GET
H2 200 473-ff8c3bf5a513b90b.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 0DE7 68 KB
24 KB 152ms
148ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/473-ff8c3bf5a513b90b.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fb1a7fd3a1c37ed25dbcc212bf24da832dc8e2e9419fe463b6e760126d334e2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: uNpbykNcTj9OpTTPPIbMq3aAC2AoUpQk
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: CMZHH3QC1S4GPJMH
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 23768
x-amz-id-2: ykFT1ih28naRFUoq0OJvFSp4ESvMZ63R12WZzRrGX9j+IRF5FazWiy6EWMtxeVHH2d9Xt+i29Bw=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "af1637b8415b4db800bb55ba6bbb3849"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: OoXIWR65fWp97luVRXs_zLxBLZ-PmsfF1suifQ-Hf3wmuHPmtfZSbA==

GET
H2 200 547-2db82f9665742061.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 0DE7 77 KB
31 KB 138ms
134ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/547-2db82f9665742061.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac08c107ca650ec827eaf80852b70506ec2d0e27ae87d651bb1ba9b2fe003dee

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: EUd5fbNqSOi4YF9fofz9KG9aMsgziqxe
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 03:24:53 GMT
x-amz-request-id: D9GA958Y86RJXJ3D
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 21117
x-cache: Hit from cloudfront
content-length: 31001
x-amz-id-2: v+vkSVh7cSWCpBfD922DO+rOP0CpkTU0U/g0MRfLV/WpBP6T9GNq/8P+b/cn9TBNcE6HHBRIqVo=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "156d5d177719be4b0b848089b8f5b49d"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: R_cIrLf7-bydPf_zS8cQjrsvCM3cF2e98pT3eO0TI10uw78UsatIBQ==

GET
H2 200 731-1f30e373b3e2077e.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 0DE7 16 KB
6 KB 168ms
164ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/731-1f30e373b3e2077e.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80cde2ae8e6e56445bb648ae7bc7c8b1d8715e058e0d370ef404d6867977b2b8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: SMhaQSVoOFGGXcd1katYoP4o1.cuKXqv
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: EX4YET4DBE96AYED
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 5309
x-amz-id-2: I9eBae7+rZDz+I9JtQw2LfKQ2EjFfeX3zJA7xEYJj34Hyyg+abYMPvo5sdRKlSit+K0JMJ157E8=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "18226a00761e8d4e2bf462e24c49731c"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: S7b0rPJDZLAx4XV81Z_tADR68vSFOfz0RuxjHnMMpfKsnRy5IucbvA==

GET
H2 200 index-0b3a14eacefae987.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/pages/ Frame 0DE7 21 KB
6 KB 162ms
158ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/pages/index-0b3a14eacefae987.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 107f9481b2dd83ad65f779262c7ffe23ab73f264feac2ba203b0ee86830a1a35

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: IfNOfF652r8pmfqOTO.IyBz3iU7iwk6b
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 03:24:53 GMT
x-amz-request-id: D9G5A62RHF8M93J5
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 21117
x-cache: Hit from cloudfront
content-length: 6067
x-amz-id-2: 90pAsXmJ3oxRI1qZu25YS2a+NnpN6u4wkYELMSIvX17fSlQbv2mD6JCjR0jJB/65C3c3swKMvoQ=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "e16ec378ede8b858f856cf14e0e1ea80"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 81KLQQPsOcbybv92B9AJ6CF3xc087Va13lH4wXZuGLc-pEmvOEEUrA==

GET
H2 200 _buildManifest.js Show response
payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/ Frame 0DE7 703 B
945 B 169ms
165ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/_buildManifest.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a77d0f1f42cefa07b3956058d9630989ce87502c392abae4f58c68b61776893a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 5xEJvLrtL2oEpKc9_09hqMujGQF83fEH
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: KVZPNKMWPJ22BCMS
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 380
x-amz-id-2: HxZ7AOST7lPxJBz3rQ5pABSjApqBEsgR2LDeO194YNdz6b2xGBso001LOF34Hnov3u7HWJA1bvty56OBl14gR6JjL+9Ux24G+ILr+SL/W2g=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "d404ed7ba0e903dd007c0ee010e67842"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: Yb5tvTc-jqRrPWuSONxdG4SRDmtqu22oangy-7DODhaEy3IkGGJ9Eg==

GET
H2 200 _ssgManifest.js Show response
payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/ Frame 0DE7 77 B
598 B 200ms
197ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/_ssgManifest.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Tj_WDXaIRP4LMKx1nNuZh3T3ccvBiWe_
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: CMZYEVV6S8JGBQEM
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 61
x-amz-id-2: o5wuO/wpdlqFrOoD0EVk8nKFtZH3sZ4W2d/7foKeshVdRRaODl2nRDvU8XJK1r/SXsgPoaVSek8=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "e784a1256cfc80b7bc520713d4fb2578"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: IGR4IzZazt8Vv2o2L5F1v-i05ZgWR-fwIkKwjERxnRHGhOFuWaJJTg==

GET
H2 200 _middlewareManifest.js Show response
payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/ Frame 0DE7 92 B
610 B 169ms
166ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/_middlewareManifest.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: D7DjUjpcHaUvsotfQSR2BAfTi4thAE.J
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: CMZJ8M46XP13WR94
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 62
x-amz-id-2: CCp40J0WMFlHqwOtOb7DVHfUdD/Zgqk4S4YE2Jia13Yh0KblEXTAA7jilTAKVYVHB63xZxKGYkW7HPwxRmbzkA==
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "421ac4a737236e20dcd55b141b4c0fb4"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: _XFwXcFDxkfGv-hxcLEmdJkBN2jPeO3uib5hHdZwEKxHS3bnyUhFsw==

GET
H2 200 webpack-9b312e20a4e32339.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 865D 2 KB
1 KB 171ms
170ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/webpack-9b312e20a4e32339.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c28ee2b2973f6d6e13388d4d57b1e148070d844bd6c5481859a1db612eacc0d7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: GwtlwsErNLPnwj5imOhSbm_AxH9MZ3lX
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: EX4MMT8DHSCRRHMT
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 836
x-amz-id-2: KwaqDrRv56+M4yErpb9L354/X8cy39eO1JuW/y6AqfdB9ZLSYAUt/9FUDerDCgiJXp4OFjA5S1Q=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "5296e3b4a7c2dcfcf94b5308a5225074"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: TF_ojXk1QPB-MN3S0NSts_ryasnKXA6lQ0X7Xdo2OK0QipHC6wHXsQ==

GET
H2 200 main-f8db2f2d77038953.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 865D 119 KB
35 KB 98ms
98ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/main-f8db2f2d77038953.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89a2caba9f11ead9786d764661425b4035a22b52a253871d07370c914d324378

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: k4aZINprSGnbIhSGcwbqWBPaPleVOuvD
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: 3GZ9EE0R5D78Y57A
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 35108
x-amz-id-2: afR+jeA+agmkhNVfoqER1EBVf5tILvQAZxkwYr6sLmAD23i2Nqwj0rkrb36c05ioMiZkDNogrSbBd9Ai0Jo6Kg==
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "2591156cbba504b1fbe02c4dfb918284"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: MiL3NM3bUHIOtA1xnqcQTy4iLG08hY85ZD_wMgPcrY0a2KsHPQpBcA==

GET
H2 200 _app-3193c29be6c582f3.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/pages/ Frame 865D 3 KB
2 KB 188ms
185ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/pages/_app-3193c29be6c582f3.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf802a6ab31409719f7fb4b2f5c9afd771f6db79c880dcb80522471817eb79ad

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Nfjy9WT5PBwBRxK0vItDsbZFXxZrHcWK
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 06:30:32 GMT
x-amz-request-id: 3GZ1DDBHYCVVVSCD
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 9978
x-cache: Hit from cloudfront
content-length: 1359
x-amz-id-2: 9yTYpoO0gNerA35UBHHGV0cRzJBLP3/PaJfmqAMU7WKW/s4fHe+T/TN3jB3iINd9x+Us5hHrmJk=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "79ec61fa9213df97083081eda7ab26b1"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: TtobHOPfTFP_NNxiJHV5MV4_k0l3ny9L6EY0z_zN4VKiXHRu4nu6eA==

GET
H2 200 26-344c01f67f68b2ab.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 865D 16 KB
6 KB 189ms
186ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/26-344c01f67f68b2ab.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 643201751ef6cc1dd1e9cfb58faf6a93777dc3268a74e39ce8b0153895f7102d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 7.KHmEnediESZKb6JHeNrBJhcsi.v_2g
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 06:30:32 GMT
x-amz-request-id: KVZS7YDRH0DH61AJ
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 9978
x-cache: Hit from cloudfront
content-length: 5704
x-amz-id-2: bi6eMaAlLTYOQXnM1/DXtHXE1C80rDu5drishULs4LaXd2Whp0xgy8fybPGOH3kLj1ViT1tP0lQ=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "335a03009efbdfbd882359b07f6f44ad"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: H4I4MSR2QoFpMXvXfnNhcEs1l1hQkllyFQYjJt5j6zeA564zN55tGA==

GET
H2 200 473-ff8c3bf5a513b90b.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 865D 68 KB
24 KB 175ms
173ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/473-ff8c3bf5a513b90b.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fb1a7fd3a1c37ed25dbcc212bf24da832dc8e2e9419fe463b6e760126d334e2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: uNpbykNcTj9OpTTPPIbMq3aAC2AoUpQk
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: CMZHH3QC1S4GPJMH
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 23768
x-amz-id-2: ykFT1ih28naRFUoq0OJvFSp4ESvMZ63R12WZzRrGX9j+IRF5FazWiy6EWMtxeVHH2d9Xt+i29Bw=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "af1637b8415b4db800bb55ba6bbb3849"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: pfqr_UaXwfLiLSjLBioQjn5-4AeDhWjkN0b5axwg0txmPJWSqxaU3A==

GET
H2 200 731-1f30e373b3e2077e.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/ Frame 865D 16 KB
6 KB 190ms
188ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/731-1f30e373b3e2077e.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80cde2ae8e6e56445bb648ae7bc7c8b1d8715e058e0d370ef404d6867977b2b8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: SMhaQSVoOFGGXcd1katYoP4o1.cuKXqv
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: EX4YET4DBE96AYED
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 5309
x-amz-id-2: I9eBae7+rZDz+I9JtQw2LfKQ2EjFfeX3zJA7xEYJj34Hyyg+abYMPvo5sdRKlSit+K0JMJ157E8=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "18226a00761e8d4e2bf462e24c49731c"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: d0oKNzLP7WKw_YioyHbUNAqaIZ2D4U1kofxOYerZPyz4PGagE1DDVw==

GET
H2 200 paypal-40f56e254a9994f7.js Show response
payments-js.elevate.salesforce.org/_next/static/chunks/pages/ Frame 865D 7 KB
3 KB 170ms
168ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/pages/paypal-40f56e254a9994f7.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0a641448a59a788a6533b3781caae5049cebcdac20d9ef028fde9a6e6070c06

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: D4iS2USuhuwDcgLBTX6csVs7aRZSNF01
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Wed, 14 Jun 2023 10:18:41 GMT
x-amz-request-id: G92BNHQ1N9HH8AK0
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 82689
x-cache: Hit from cloudfront
content-length: 2522
x-amz-id-2: AV2cmthsyoDDLHjuGgPVOBF5/J9Fm2Mdu6ZRsJUF49VnlTjhxdqwg+ssSp1ayXFDNE08hbfBQe8=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "2d92d65003e1f737fa65a9060a642f4b"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: RaLWiDM2nxoIMz0YigX8ZtI-3cKUuk78gIJA5oHIgkvKF-BkBIUf9A==

GET
H2 200 _buildManifest.js Show response
payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/ Frame 865D 703 B
946 B 200ms
198ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/_buildManifest.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a77d0f1f42cefa07b3956058d9630989ce87502c392abae4f58c68b61776893a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 5xEJvLrtL2oEpKc9_09hqMujGQF83fEH
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: KVZPNKMWPJ22BCMS
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 380
x-amz-id-2: HxZ7AOST7lPxJBz3rQ5pABSjApqBEsgR2LDeO194YNdz6b2xGBso001LOF34Hnov3u7HWJA1bvty56OBl14gR6JjL+9Ux24G+ILr+SL/W2g=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "d404ed7ba0e903dd007c0ee010e67842"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: xVpU9Z9eB_4g6jKBOzwIjqPA61jZBTYEFpeGgVCOc8nDIXmqQafD5A==

GET
H2 200 _ssgManifest.js Show response
payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/ Frame 865D 77 B
597 B 189ms
187ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/_ssgManifest.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Tj_WDXaIRP4LMKx1nNuZh3T3ccvBiWe_
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: CMZYEVV6S8JGBQEM
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 61
x-amz-id-2: o5wuO/wpdlqFrOoD0EVk8nKFtZH3sZ4W2d/7foKeshVdRRaODl2nRDvU8XJK1r/SXsgPoaVSek8=
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "e784a1256cfc80b7bc520713d4fb2578"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 0Zxp3-X-obuJWwDpYA-AoypryHd_3lYyySKNgkX7hANU_sbdu1jnMQ==

GET
H2 200 _middlewareManifest.js Show response
payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/ Frame 865D 92 B
610 B 200ms
198ms Script
application/javascript 18.66.112.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-js.elevate.salesforce.org/_next/static/gRVNOWjzd_b7nxe1Mi9A-/_middlewareManifest.js
Requested by: Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/paypal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/paypal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: D7DjUjpcHaUvsotfQSR2BAfTi4thAE.J
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 07:13:52 GMT
x-amz-request-id: CMZJ8M46XP13WR94
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
age: 7378
x-cache: Hit from cloudfront
content-length: 62
x-amz-id-2: CCp40J0WMFlHqwOtOb7DVHfUdD/Zgqk4S4YE2Jia13Yh0KblEXTAA7jilTAKVYVHB63xZxKGYkW7HPwxRmbzkA==
last-modified: Sat, 14 Jan 2023 00:41:17 GMT
server: AmazonS3
etag: "421ac4a737236e20dcd55b141b4c0fb4"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: epbNI3RN_6mfz5Nx9Qpxd8RtiCyr3xXLAfq6Tjj7TNdQwjMb8QHV6g==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 83C5 51 KB
20 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187836839-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 08:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2482
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 15 Jun 2023 10:35:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 83C5 228 KB
81 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BYJVSHEDVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189038361-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f12e922907e5f543ec3045ec6889098ea577bef9237fe32dd73f454452e71601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pages.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 09:16:49 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 82ms
81ms Image
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1953131080&rv=36c0&cid=GTM-N7W9KD5&qi=0&l=GTM-N7W9KD5.L1283.S1.Y26.E2023.EC7.TC1.HTC0~gtm.init.S0.E22~gtm.js.S0.E402.TS5ua.TE3~gtm.dom.S0.E15~*.S0.E27~*.S0.E5~gtm.load.S0.E2~gtm.init_consent.S1.E24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:49 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 865D 269 KB
76 KB 189ms
57ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&components=buttons&disable-funding=credit,card&merchant-id=6FQ84ZJAJXJYC

Requested by

Host: payments-js.elevate.salesforce.org
URL: https://payments-js.elevate.salesforce.org/_next/static/chunks/pages/paypal-40f56e254a9994f7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0550b48d0ab16de6b20b79aa996d899dcfa60393e8544cc3688eb34dd68fd8e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-/yNJyL54c1I1OhPYlxPSmLZTOj/zc+wY5YwOzQgzyC9tXsaL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-/yNJyL54c1I1OhPYlxPSmLZTOj/zc+wY5YwOzQgzyC9tXsaL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-/yNJyL54c1I1OhPYlxPSmLZTOj/zc+wY5YwOzQgzyC9tXsaL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-/yNJyL54c1I1OhPYlxPSmLZTOj/zc+wY5YwOzQgzyC9tXsaL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 09:16:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5
x-cache: HIT
p3p: true
paypal-debug-id: f14480189e083
server-timing: "traceparent;desc="00-0000000000000000000f14480189e083-a22b61dc7c8ab8e4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 75871
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230031-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f14480189e083-883877dad5a9a216-01
x-timer: S1686820610.668479,VS0,VE2
etag: W/"1285f-H1War83gTwxmLfuz9UR3EFdUJ+8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame 865D 13 KB
6 KB 59ms
58ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=payments-js.elevate.salesforce.org&t=xo&v=5.0.378&source=payments_sdk&mrid=6FQ84ZJAJXJYC&client_id=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&comp=buttons&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&components=buttons&disable-funding=credit,card&merchant-id=6FQ84ZJAJXJYC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8eb5f75311339e397ab1b28fd32d4992af9e645ff00710dd9f49b88a4246f9a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nykG+KwsHogTHW/ytHFnxQ2Oh5FBL7HOGUDI5EgFowmgcyOV' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nykG+KwsHogTHW/ytHFnxQ2Oh5FBL7HOGUDI5EgFowmgcyOV' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 09:16:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2124
x-cache: HIT
paypal-debug-id: f5502279cf537
server-timing: "traceparent;desc="00-0000000000000000000f5502279cf537-3670e4e5deeae2a5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4775
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230031-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f5502279cf537-413824aa6545c6cc-01
x-timer: S1686820610.818973,VS0,VE2
etag: W/"3578-tkz2YH9rsmdG8SezkLSWHnY2SS0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 3AEF 380 KB
139 KB 412ms
412ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=white&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.378&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpPbjVQb0ZuZ1VNalh2Qk9MMHFyOU94MzNYb0ttNzZZSGRJa0Y5bThUTk1pc20tUjNnNUdGTHBtWDQwWl9SeWVhOGg5Q1dTNEZkclUxTzMmY29tcG9uZW50cz1idXR0b25zJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZtZXJjaGFudC1pZD02RlE4NFpKQUpYSllDIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfbGJ5b2FrZW9ycndxeGxxaXNrenp4bGR4Z2tkeHhyIn19&clientID=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&sdkCorrelationID=f3997137ecb5c&storageID=uid_e6188b1fd2_mdk6mty6ndk&sessionID=uid_bd1c319e94_mdk6mty6ndk&buttonSessionID=uid_067d958a43_mdk6mty6ndk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&merchantID.0=6FQ84ZJAJXJYC&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88f646afd332c6ed4fdc25ae8f81a3d1a1f9a6ceaa78e77e028f07ba764ce391

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments-js.elevate.salesforce.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 15 Jun 2023 09:16:50 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5f122-T6E0tqsf1b3ZDVW/mfj19doiqjA"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f3158097c2cc6
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f3158097c2cc6-e290ab2d45183f8c-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f3158097c2cc6-ebd4dbf8ef946184-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230031-FRA
x-timer: S1686820610.870833,VS0,VE356
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 70BC 3 KB
2 KB 156ms
38ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F74B) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (ska/F74B)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 15 Jun 2023 10:16:49 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 865D 1022 B
2 KB 261ms
261ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6a54d3754ca03adb7b754ea571229a38ba295dc3cb33c0d260f25e3e09185322

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://payments-js.elevate.salesforce.org/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

date: Thu, 15 Jun 2023 09:16:50 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f315809439b4e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230120-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f315809439b4e-4bfa97622fc1fa23-01
x-timer: S1686820610.274159,VS0,VE206
etag: W/"3fe-d3Q8o+UKvoh3rdUVx4fTzBmpPVs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://payments-js.elevate.salesforce.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 358ms
227ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments-js.elevate.salesforce.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://payments-js.elevate.salesforce.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 15 Jun 2023 09:16:50 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f31580906245b
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f31580906245b-f3571842c8f913d4-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230120-FRA
x-timer: S1686820610.048743,VS0,VE169

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ Frame 865D 55 KB
16 KB 108ms
39ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=payments-js.elevate.salesforce.org&t=xo&v=5.0.378&source=payments_sdk&mrid=6FQ84ZJAJXJYC&client_id=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&comp=buttons&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F6AB) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: dd3f91d8bc15b
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (ska/F6AB)
traceparent: 00-0000000000000000000dd3f91d8bc15b-2402e2f4abfdd78e-01
etag: "6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 15 Jun 2023 10:16:49 GMT

GET
H2 200 ts
t.paypal.com/ Frame 865D 42 B
791 B 383ms
230ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A6FQ84ZJAJXJYC-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A6FQ84ZJAJXJYC-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=18e90da9-5f5d-410f-8fd6-0d06f677cb63&fltp=analytics&mrid=6FQ84ZJAJXJYC&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&dh=1200&dw=1600&bh=0&bw=0&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1686820609897&g=0&completeurl=https%3A%2F%2Fpayments-js.elevate.salesforce.org%2Fpaypal.html&ru=https%3A%2F%2Fpages.elevate.salesforce.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 15 Jun 2023 09:16:50 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 7356043316861
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230066-FRA
pragma: no-cache
correlation-id: 7356043316861
traceparent: 00-00000000000000000007356043316861-f798772b87aab156-01
x-timer: S1686820610.074094,VS0,VE175
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 09:16:50 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame B8F5 54 KB
17 KB 41ms
40ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F764) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments-js.elevate.salesforce.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Thu, 15 Jun 2023 09:16:50 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Thu, 15 Jun 2023 10:16:50 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 54cbb9a7ae3d6
server: ECAcc (ska/F764)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000054cbb9a7ae3d6-48f4634a1a1573e1-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 ts
t.paypal.com/ Frame 865D 42 B
459 B 230ms
229ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A6FQ84ZJAJXJYC-1&page=muse%3Aoffer%3A%3A%3A6FQ84ZJAJXJYC-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=18e90da9-5f5d-410f-8fd6-0d06f677cb63&es=visitorInfoFlowStarted&mrid=6FQ84ZJAJXJYC&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&dh=1200&dw=1600&bh=0&bw=0&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1686820610151&g=0&completeurl=https%3A%2F%2Fpayments-js.elevate.salesforce.org%2Fpaypal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://payments-js.elevate.salesforce.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 15 Jun 2023 09:16:50 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 147341c28da9f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230066-FRA
pragma: no-cache
correlation-id: 147341c28da9f
traceparent: 00-0000000000000000000147341c28da9f-0fbd3b503d96b9f5-01
x-timer: S1686820610.176973,VS0,VE156
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 09:16:50 GMT

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 214ms
214ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 15 Jun 2023 09:16:50 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f315809c20c25
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f315809c20c25-d8e1113b90f1accb-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230120-FRA
x-timer: S1686820610.181102,VS0,VE159

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame B8F5 435 B
2 KB 316ms
316ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

50f781b931f69266d92381ed5a4a561dc01f428f48cb3d66329e273254d19062

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-jrgoGg+l4RAdZAIrOmWrJ9hxcGAOJVmu1ls4tP83+TkkcwCo' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-jrgoGg+l4RAdZAIrOmWrJ9hxcGAOJVmu1ls4tP83+TkkcwCo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date: Thu, 15 Jun 2023 09:16:50 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f31580991ac14
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230031-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f31580991ac14-f1496fdc0a149a85-01
x-timer: S1686820610.396057,VS0,VE261
etag: W/"1b3-/AH+3Tc1sPS7pkf9RtGTFQ0Vwck"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame E7D0 14 KB
4 KB 64ms
64ms Document
text/html 2600:9000:2251:ea00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ea00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

93ba39fb13f96a8cba31b67c3a4199c56c753fab437e5863ce2aa3a943a770cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://creflodollarministries.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 69546
content-encoding: gzip
content-length: 4083
content-type: text/html
date: Wed, 14 Jun 2023 13:57:44 GMT
etag: W/"64875911-390f"
last-modified: Mon, 12 Jun 2023 17:42:41 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id: 4nWgkNf0FIBepiw7wH3mqu14FXD1d1vk5LRUiN_GN0MLveAcNrDqTg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame E7D0 16 KB
6 KB 65ms
64ms Script
application/javascript 2600:9000:2251:ea00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ea00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:50:50 GMT
content-encoding: gzip
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 6261960
x-cache: Hit from cloudfront
content-length: 5630
server: nginx/1.20.1
etag: W/"64012824-40f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: mEhHCy25uiFsRur2kX-w6ecHUWWuluvjroDZvz_MFFrz_O1sLTu70A==
expires: Tue, 02 Apr 2024 21:50:50 GMT

GET
H2 200 st.ee282f241506cf896f5759fa7372f8cc.js Show response
ws.sharethis.com/secure5x/js/ Frame E7D0 223 KB
52 KB 81ms
80ms Script
application/javascript 2600:9000:2251:ea00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/st.ee282f241506cf896f5759fa7372f8cc.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ea00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

15b1ee97d0973eb26244def2aef7527d93e1fa91e9a7c380e8dfb7a681881a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 19:01:42 GMT
content-encoding: gzip
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
age: 224108
etag: W/"64875911-37cf3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: Y64JjJ8RgGLvHB7IfRcuo7uHu6ZVfzgzARz9ccidbqt-3-C6gHT-tw==
expires: Tue, 11 Jun 2024 19:01:42 GMT

GET
DATA 200
OK truncated
/ Frame 3AEF 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 3AEF 269 KB
75 KB 60ms
60ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&components=buttons&disable-funding=credit,card&merchant-id=6FQ84ZJAJXJYC

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=white&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.378&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpPbjVQb0ZuZ1VNalh2Qk9MMHFyOU94MzNYb0ttNzZZSGRJa0Y5bThUTk1pc20tUjNnNUdGTHBtWDQwWl9SeWVhOGg5Q1dTNEZkclUxTzMmY29tcG9uZW50cz1idXR0b25zJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZtZXJjaGFudC1pZD02RlE4NFpKQUpYSllDIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfbGJ5b2FrZW9ycndxeGxxaXNrenp4bGR4Z2tkeHhyIn19&clientID=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&sdkCorrelationID=f3997137ecb5c&storageID=uid_e6188b1fd2_mdk6mty6ndk&sessionID=uid_bd1c319e94_mdk6mty6ndk&buttonSessionID=uid_067d958a43_mdk6mty6ndk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&merchantID.0=6FQ84ZJAJXJYC&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0550b48d0ab16de6b20b79aa996d899dcfa60393e8544cc3688eb34dd68fd8e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-/yNJyL54c1I1OhPYlxPSmLZTOj/zc+wY5YwOzQgzyC9tXsaL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-/yNJyL54c1I1OhPYlxPSmLZTOj/zc+wY5YwOzQgzyC9tXsaL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=white&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.378&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpPbjVQb0ZuZ1VNalh2Qk9MMHFyOU94MzNYb0ttNzZZSGRJa0Y5bThUTk1pc20tUjNnNUdGTHBtWDQwWl9SeWVhOGg5Q1dTNEZkclUxTzMmY29tcG9uZW50cz1idXR0b25zJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZtZXJjaGFudC1pZD02RlE4NFpKQUpYSllDIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfbGJ5b2FrZW9ycndxeGxxaXNrenp4bGR4Z2tkeHhyIn19&clientID=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&sdkCorrelationID=f3997137ecb5c&storageID=uid_e6188b1fd2_mdk6mty6ndk&sessionID=uid_bd1c319e94_mdk6mty6ndk&buttonSessionID=uid_067d958a43_mdk6mty6ndk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&merchantID.0=6FQ84ZJAJXJYC&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-/yNJyL54c1I1OhPYlxPSmLZTOj/zc+wY5YwOzQgzyC9tXsaL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-/yNJyL54c1I1OhPYlxPSmLZTOj/zc+wY5YwOzQgzyC9tXsaL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 09:16:50 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6
x-cache: HIT
p3p: true
paypal-debug-id: f14480189e083
server-timing: "traceparent;desc="00-0000000000000000000f14480189e083-a22b61dc7c8ab8e4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 75871
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230031-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f14480189e083-883877dad5a9a216-01
x-timer: S1686820611.582371,VS0,VE1
etag: W/"1285f-H1War83gTwxmLfuz9UR3EFdUJ+8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 3AEF 60 KB
21 KB 46ms
42ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F6AA) /

Resource Hash

38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 233249
x-cache: HIT
paypal-debug-id: b1e4b6c6c8883
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20654
last-modified: Fri, 12 May 2023 17:09:48 GMT
server: ECAcc (ska/F6AA)
traceparent: 00-0000000000000000000b1e4b6c6c8883-9305c8ca10f31823-01
etag: W/"645e72dc-eeee"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 09:16:51 GMT

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 1839 160 B
1 KB 228ms
216ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF1) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 189af9884fb7a
date: Thu, 15 Jun 2023 09:16:51 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: 189af9884fb7a
server: ECAcc (frc/4CF1)
server-timing: traceparent;desc="00-0000000000000000000189af9884fb7a-9bca3f8d1b1b5c0f-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000189af9884fb7a-9aaa0aecdb358952-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 1446
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_bd1c319e94_mdk6mty6ndk&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_bd1c319e94_mdk6mty6ndk&s=SMART_PAYMENT_BUTTONS

42 B
299 B

1074ms
87ms

Image
image/jpeg

64.4.245.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_bd1c319e94_mdk6mty6ndk&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=white&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.378&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpPbjVQb0ZuZ1VNalh2Qk9MMHFyOU94MzNYb0ttNzZZSGRJa0Y5bThUTk1pc20tUjNnNUdGTHBtWDQwWl9SeWVhOGg5Q1dTNEZkclUxTzMmY29tcG9uZW50cz1idXR0b25zJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZtZXJjaGFudC1pZD02RlE4NFpKQUpYSllDIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfbGJ5b2FrZW9ycndxeGxxaXNrenp4bGR4Z2tkeHhyIn19&clientID=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&sdkCorrelationID=f3997137ecb5c&storageID=uid_e6188b1fd2_mdk6mty6ndk&sessionID=uid_bd1c319e94_mdk6mty6ndk&buttonSessionID=uid_067d958a43_mdk6mty6ndk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&merchantID.0=6FQ84ZJAJXJYC&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 -, , ASN (),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 09:16:52 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_bd1c319e94_mdk6mty6ndk&s=SMART_PAYMENT_BUTTONS
Date: Thu, 15 Jun 2023 09:16:51 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 3AEF 1 KB
2 KB 263ms
248ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df7e5d9488ec5a5fe504a3db62f5bd6db68e7c16fe22aa142a1e6e86191d1491

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=white&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.378&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpPbjVQb0ZuZ1VNalh2Qk9MMHFyOU94MzNYb0ttNzZZSGRJa0Y5bThUTk1pc20tUjNnNUdGTHBtWDQwWl9SeWVhOGg5Q1dTNEZkclUxTzMmY29tcG9uZW50cz1idXR0b25zJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZtZXJjaGFudC1pZD02RlE4NFpKQUpYSllDIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfbGJ5b2FrZW9ycndxeGxxaXNrenp4bGR4Z2tkeHhyIn19&clientID=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&sdkCorrelationID=f3997137ecb5c&storageID=uid_e6188b1fd2_mdk6mty6ndk&sessionID=uid_bd1c319e94_mdk6mty6ndk&buttonSessionID=uid_067d958a43_mdk6mty6ndk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&merchantID.0=6FQ84ZJAJXJYC&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jun 2023 09:16:51 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f207734fc56f8
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230031-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f207734fc56f8-fd68cf21458f463b-01
x-timer: S1686820612.544126,VS0,VE191
etag: W/"401-vIUgqmN2I1zNdHNbqOl661Wz9YA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 1839 60 KB
20 KB 40ms
40ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F6AA) /

Resource Hash

38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 233249
x-cache: HIT
paypal-debug-id: b1e4b6c6c8883
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20654
last-modified: Fri, 12 May 2023 17:09:48 GMT
server: ECAcc (ska/F6AA)
traceparent: 00-0000000000000000000b1e4b6c6c8883-9305c8ca10f31823-01
etag: W/"645e72dc-eeee"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 09:16:51 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 1839 125 B
812 B 246ms
246ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD8) /

Resource Hash

5943035e0d8708500190365459d3d400115365bfd8bef7f2b26cf17120270164

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jun 2023 09:16:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 2ad240ca75811
server: ECAcc (frc/4CD8)
traceparent: 00-00000000000000000002ad240ca75811-6c4d8879f1b907f3-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
access-control-allow-origin: https://www.paypal.com
paypal-debug-id: 2ad240ca75811
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
server-timing: traceparent;desc="00-00000000000000000002ad240ca75811-c8a8df7396eac3d4-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 1839 0
179 B 225ms
224ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8D) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jun 2023 09:16:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 7eb8479015f06
server: ECAcc (frc/4C8D)
traceparent: 00-00000000000000000007eb8479015f06-f67b509779462445-01
access-control-allow-origin: https://www.paypal.com
paypal-debug-id: 7eb8479015f06
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: traceparent;desc="00-00000000000000000007eb8479015f06-1cc2676fbafbf761-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 1839 0
497 B 1056ms
228ms Image
text/plain 2a04:4e42:200::291

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_bd1c319e94_mdk6mty6ndk&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::291 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:16:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 4ccd356ad9fa1
server-timing: "traceparent;desc="00-00000000000000000004ccd356ad9fa1-1f94db1c7e00c1ba-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-fra-eddf8230020-FRA, cache-hel1410023-HEL
correlation-id: 4ccd356ad9fa1
traceparent: 00-00000000000000000004ccd356ad9fa1-fd831122178a604f-01
x-timer: S1686820613.755114,VS0,VE196
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 3AEF 1022 B
2 KB 263ms
262ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6bda1c3d20b0b3036fbcf9385de24fb0d2abe4db1539256e91c21fab469fd68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=white&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.378&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpPbjVQb0ZuZ1VNalh2Qk9MMHFyOU94MzNYb0ttNzZZSGRJa0Y5bThUTk1pc20tUjNnNUdGTHBtWDQwWl9SeWVhOGg5Q1dTNEZkclUxTzMmY29tcG9uZW50cz1idXR0b25zJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZtZXJjaGFudC1pZD02RlE4NFpKQUpYSllDIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfbGJ5b2FrZW9ycndxeGxxaXNrenp4bGR4Z2tkeHhyIn19&clientID=AZOn5PoFngUMjXvBOL0qr9Ox33XoKm76YHdIkF9m8TNMism-R3g5GFLpmX40Z_Ryea8h9CWS4FdrU1O3&sdkCorrelationID=f3997137ecb5c&storageID=uid_e6188b1fd2_mdk6mty6ndk&sessionID=uid_bd1c319e94_mdk6mty6ndk&buttonSessionID=uid_067d958a43_mdk6mty6ndk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&merchantID.0=6FQ84ZJAJXJYC&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

date: Thu, 15 Jun 2023 09:16:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f207734c8dc68
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230031-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f207734c8dc68-1b8e6f8132f28a6a-01
x-timer: S1686820612.943107,VS0,VE203
etag: W/"3fe-92BB++U+XHLQxeNguf1BrZXF12Y"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0SVHL5MWWD&_ono=1&gtm=45je36c0&_p=192010165&ul=en-us&sr=1600x1200&cid=918653018.1686820607&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&_s=2&dl=https%3A%2F%2Fcreflodollarministries.org%2Fgive&dt=Give%20%7C%20Creflo%20Dollar%20Ministries&sid=1686820607&sct=1&seg=1&en=page_view&_ee=1&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SVHL5MWWD&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://creflodollarministries.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 09:16:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://creflodollarministries.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pages.elevate.salesforce.org
URL: https://pages.elevate.salesforce.org/embed/6c5e3583-718e-496c-ac5e-1b8886deb112

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
creflodollarministries.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: sgpoimrckct5cbx2oeeevoyc
.creflodollarministries.org/	1969-12-31 23:59:59	Name: ARRAffinity Value: 393d45af69daa9847e48620af0132336d9dae9af2c74f3da2e279bb13ac2dafc
.creflodollarministries.org/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 393d45af69daa9847e48620af0132336d9dae9af2c74f3da2e279bb13ac2dafc
.creflodollarministries.org/	1970-01-20 22:09:40	Name: _ga_S7KFZVPNCC Value: GS1.1.1686820607.1.0.1686820607.60.0.0
.creflodollarministries.org/	1970-01-20 22:09:40	Name: _ga Value: GA1.2.918653018.1686820607
.creflodollarministries.org/	1970-01-20 12:35:07	Name: _gid Value: GA1.2.1271593965.1686820607
.creflodollarministries.org/	1970-01-20 12:33:40	Name: _gat Value: 1
.creflodollarministries.org/	1970-01-20 12:33:40	Name: _gat_UA-73618700-1 Value: 1
.creflodollarministries.org/	1970-01-20 21:19:16	Name: _hjSessionUser_2966531 Value: eyJpZCI6IjU3MDNkMWNhLTIwOGUtNTNiYS04YTUzLWNjMTM3YzViZTU0YiIsImNyZWF0ZWQiOjE2ODY4MjA2MDc3MzYsImV4aXN0aW5nIjpmYWxzZX0=
.creflodollarministries.org/	1970-01-20 12:33:42	Name: _hjFirstSeen Value: 1
.creflodollarministries.org/	1970-01-20 12:33:40	Name: _hjIncludedInSessionSample_2966531 Value: 0
.creflodollarministries.org/	1970-01-20 12:33:42	Name: _hjSession_2966531 Value: eyJpZCI6Ijg4Yjg5YmVkLTU5MTQtNDI2Yy05NTlkLWY2NjY4MTk0YTk0YiIsImNyZWF0ZWQiOjE2ODY4MjA2MDc3NDYsImluU2FtcGxlIjpmYWxzZX0=
.creflodollarministries.org/	1970-01-20 12:33:42	Name: _hjAbsoluteSessionInProgress Value: 0
.creflodollarministries.org/	1970-01-20 22:09:40	Name: _ga_0SVHL5MWWD Value: GS1.2.1686820607.1.1.1686820607.60.0.0
.paypal.com/	1970-01-20 12:33:42	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 21:19:16	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 12:34:12	Name: LANG Value: fi_FI%3BFI
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AY9xsBX7blctPrGip97Y_SgGnraHECmPT.tRevCL3j1H6A%2BWeKc4DlgC2ion6D4KDFpzBcGrd08jw
.paypalobjects.com/	1970-01-20 12:35:07	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 12:37:59	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-20 22:09:40	Name: ts_c Value: vr%3Dbe57e62c1880a7a0a454705fff7e84bf%26vt%3Dbe57e62c1880a7a0a454705fff7e84be
.c.paypal.com/	1970-01-20 22:09:40	Name: sc_f Value: KVVd97Aq0AX8oYCd4nj9BkEVeYWbzF2KCJqe2FP8j1yOU-o0883ddjSbqiP8CJiIRNlmX5bJ3YrO_bRXZ_JolC_bM90beSJev30Vmm
.paypal.com/	1970-01-20 22:09:40	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: yLoNo0TeaFQ5WKjKPZcjnG1TtxZg6To93wvoDnI2JlHtrRtauZcOv4gQc3YE8hLm8bhHWyKUyGvlmoPI
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4NjgyMDYxMjA2MSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 22:09:40	Name: ts Value: vreXpYrS%3D1781515012%26vteXpYrS%3D1686822412%26vr%3Dbe57e62c1880a7a0a454705fff7e84bf%26vt%3Dbe57e62c1880a7a0a454705fff7e84be%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
chimpstatic.com
creflodollarministries.org
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
maxcdn.bootstrapcdn.com
pages.elevate.salesforce.org
payments-js.elevate.salesforce.org
region1.analytics.google.com
script.hotjar.com
static.elevate.salesforce.org
static.hotjar.com
stats.g.doubleclick.net
t.paypal.com
worldchangers.blob.core.windows.net
ws.sharethis.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
pages.elevate.salesforce.org
13.225.78.88
151.101.129.35
151.101.193.21
18.66.112.25
18.66.122.49
18.66.97.49
184.25.158.47
192.229.221.25
20.60.62.4
2001:4860:4802:32::36
2600:9000:2251:ea00:3:c04e:c780:93a1
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:806::200e
2a00:1450:4001:809::2004
2a00:1450:4001:810::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9c
2a04:4e42:200::291
40.76.151.244
52.222.236.63
52.29.146.197
64.4.245.84
0550b48d0ab16de6b20b79aa996d899dcfa60393e8544cc3688eb34dd68fd8e0
0862104c2742e228150af9d337aa9339d15669b25d634d1e0689c6160451a238
0e62ab3ba4b38fed7e3c12eb6198068550e4988df3d4e2cf062bca914b71b8b3
0fe44eda0231a3a5e6b244a8ec36318fe886df6fc5a38a9fcf1fcd5575050e5c
107f9481b2dd83ad65f779262c7ffe23ab73f264feac2ba203b0ee86830a1a35
12790dce63c6f1eff597d88de839b6123b76b909bad0f8f827baa04d335e3d32
15b1ee97d0973eb26244def2aef7527d93e1fa91e9a7c380e8dfb7a681881a87
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
29116426077ea4374a6688f5ccb4155c1b8997c92349956baa9c854f47506758
2a0a930bc06b05855129689401fa6e7c2980c1470db1453b41377476f3f0a4b3
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2f2ff0053aa7f14489bed373945610a16009cc7adbed1cb5a132c1c4700c0740
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
32166a64c06bb2ce88de2a9f0e50f706b242ac27176cdeb50844c363f2342194
38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
39e3c60f81895117aebd6b042d88eb3e08b2c81810bfccd9f63645f90f7b8509
3b70feb9f0a15b537edabab9a6e35128338fa8cd81ce133467e4d8cd692dffda
3f5659d6781728e01ba6972516fd9d9d3c929d80edad34ff55f7fd16fe35e71d
40a36025c13edd9bfbc51ba8e19f5f7ed6fe774e87fd4762751f66683e367e08
454defb7d1cd172750cf615f594ca748f85a676bd455b2606d75b10f0770db4e
456a4c5dfca53be2fd8a92cc40502f7614ec6872fc18f23b77176324cdc576c8
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
50f781b931f69266d92381ed5a4a561dc01f428f48cb3d66329e273254d19062
5322dce1361fe14a766842c8354cf491812952ade74cf5a7f27a17031fd73770
58efae21c6e49a50e769675ebbf5a6b7328db3c131b8734fda1f6bf18743ec16
5943035e0d8708500190365459d3d400115365bfd8bef7f2b26cf17120270164
5bad0658ea23d85d08fe0c5484686cf9c7e7ebefefc47627c8013a0f1647c289
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
643201751ef6cc1dd1e9cfb58faf6a93777dc3268a74e39ce8b0153895f7102d
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
6a54d3754ca03adb7b754ea571229a38ba295dc3cb33c0d260f25e3e09185322
6ab61f2ea49fa9ab22d96a4fd4ba28df7b65e9165aba42023c024753421940b1
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f2251079db9fde7d456ba66a9294899f3024dac928bec71b3ce42e1568f304f
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
75af3f02e261fd1de03fcb2481abba8a3ca2f545184f03887f34a5cc0cd0b23f
7a5a45232acd44e6f2148d33f80af06da890e04b5bd4ea0aa62cf2f94ea982c1
7bee58add5e14cd2cf1672f57af66004a5aca290d383bda06dc1bf0a48c00b77
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
80cde2ae8e6e56445bb648ae7bc7c8b1d8715e058e0d370ef404d6867977b2b8
88e079f49c3e911717bb90444158cece214d673b70995b2883d3c0908dbb95ed
88f646afd332c6ed4fdc25ae8f81a3d1a1f9a6ceaa78e77e028f07ba764ce391
89a2caba9f11ead9786d764661425b4035a22b52a253871d07370c914d324378
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8b88d06e22d8d0e9a05d62e0bd6b2516d72656681b2d70438fb648438f7e6478
8eb5f75311339e397ab1b28fd32d4992af9e645ff00710dd9f49b88a4246f9a7
8fb1a7fd3a1c37ed25dbcc212bf24da832dc8e2e9419fe463b6e760126d334e2
9016ad214221d3a380a5543f102ae3451e19a716b9b9a32cfc1bb278197e5a71
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
934b53d54eb38e2d87c80ba7d3efb3e512a98bf0e38af24d0ed0dc2c480b28b0
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93ba39fb13f96a8cba31b67c3a4199c56c753fab437e5863ce2aa3a943a770cf
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9968c81381403205040781618277724c6790a0450baa762d95a214f31ebdef3b
a5d6a1ef2468e75bf27fece108ce1d40ff3ea68861db79ceec55205a1e88ec07
a77d0f1f42cefa07b3956058d9630989ce87502c392abae4f58c68b61776893a
aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815
ac08c107ca650ec827eaf80852b70506ec2d0e27ae87d651bb1ba9b2fe003dee
b4f849a31827ce40954dd785d78d19c114188dc2287fcdd59cdf0e9a84c95f61
bf802a6ab31409719f7fb4b2f5c9afd771f6db79c880dcb80522471817eb79ad
c0aac7c36fab3ad110b18a455ead491f453319bfe6a0865a722bc792beb0c8a5
c112122123af6e36a38d5da11b0ca4cf5a74d7f0f3dcd38b26c52ab33d0c0396
c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3
c28ee2b2973f6d6e13388d4d57b1e148070d844bd6c5481859a1db612eacc0d7
c419424328d978ea6ebc6dd97f9bbbc5ec3c4b9dcfddc25383b283890955b2aa
d01ee3d2e0a22a81b1962c89e7b6cc8f256a0a3fc24761dd5b923dd4bc679d00
d0a641448a59a788a6533b3781caae5049cebcdac20d9ef028fde9a6e6070c06
d9776113b6231305c8d399ab21532e47bd368d31a50788cb9c96fc2eb2724349
dd14bd3b1230779383bd7491984f5b2e64a0fbb06ebd1643f4236ec6d49554dd
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
df7e5d9488ec5a5fe504a3db62f5bd6db68e7c16fe22aa142a1e6e86191d1491
e2e9c2a8caf63e6916ffee45f802b86532d1c13b5a480267dbc99c000d6d63b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6dfdc1fcf0e5767b89c283e8f9f3745ae6abfd712d5e086ed5961aae22b63db
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ecc0c6a3472dedaec0d67d0fb65a5e342929b1afa41f203454f1e707fd8cda7e
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12e922907e5f543ec3045ec6889098ea577bef9237fe32dd73f454452e71601
f6bda1c3d20b0b3036fbcf9385de24fb0d2abe4db1539256e91c21fab469fd68
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f7f83a622c1b564255e1ff40696182189f5a1305795541b203c0be8972674221
f8b34e2691831dd7335343860d1e3650ae3cb549aced769a151402995d37a4a0
fbe8e036c45d75525306adf8848514a164bb69672abdbc1e429ce99e9d018ccb
fe5ed75cb1afefdefa31721ca5ed6c5b9a63b9f921e12877a96180f5d423a22b
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

creflodollarministries.org Open in urlscan Pro 40.76.151.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

98 %HTTPS

48 %IPv6

17 Domains

27 Subdomains

26 IPs

3 Countries

2390 kBTransfer

7173 kBSize

25 Cookies

32 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

creflodollarministries.org Open in urlscan Pro
40.76.151.244 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

98 %
HTTPS

48 %
IPv6

17
Domains

27
Subdomains

26
IPs

3
Countries

2390 kB
Transfer

7173 kB
Size

25
Cookies

122 HTTP transactions
1 data transactions